How do I set up Single Sign-On?
Single Sign-On (SSO) is a feature of Enterprise plans and is also available to non-enterprise plan customers as a low cost add-on feature. Prior to setting up SSO you are expected to currently use an Identity Provider (IdP) and the necessary permissions to create and configure a new app integration within the IdP. The SSO setup process will differ between different IdPs but the following steps should cover most of the configuration.
- Log into the Addressfinder portal using the regular login pathway.
- Navigate to the Single Sign-On page.
- Click the
Configure Single Sign-On
button. - Within your IdP, create a new app integration and select the SAML 2.0 sign-in method.
- Name your new app so that it can easily be found and updated in the future. Something like Addressfinder Portal access might be good.
- Copy the Service Provider Entity ID (sometimes referred to as Audience Restriction or Audience URI) from the Addressfinder portal into your IdP's new app settings.
- Copy the Sign-On URL from the Addressfinder portal into your identity provider's settings.
- Copy the Reply URL (sometimes referred to as Assertion Consumer Service URL) from the Addressfinder portal into your identity provider's settings.
- Set "Application username" to "Email".
- Save/finish the new app.
- Go back into the app and copy the Metadata URL. Paste this into the Metadata URL field in Portal and click
Enable SSO
. - Assign users to the new app. Important: The email addresses used in the IdP must exactly match the email address used in the All Users page of the Addressfinder portal.
Before logging out of the portal, it might be wise to ask another Addressfinder User, who is setup within the IdP to have access to the portal, to attempt to log into the portal as a test.