Single Sign-on (SSO) integration allows your network members to use one set of login credentials to access multiple applications, including your private network.
To configure SSO for your network, follow the steps below.
Step 1. Configure Your Identity Provider
To implement SSO for your private network, you must meet the following conditions:
- Your identity management system must have SAML 2.0 capability. You can learn more about SAML by clicking here. Visit your corresponding provider to view setup help: Okta, OneLogin, Ping Identity, Bitium, Clearlogin, LastPass, Centrify, Microsoft Azure.
- You will need the assistance of an SSO IT resource from your company to complete the integration.
Your SSO IT resource will need the information provided in the Sign Sign-on URL and Entity ID of this System to configure your Identity Management System.
In SSO integration, Zillable is the Service Provider. Zillable generates the information regarding your SSO URL and Entity ID based on your Network URL. Once you have these information, copy and paste the Entity ID into your company's Identity Management System.
Once IT has completed this step, move to Step 2.
Step 2 Setup SAML 2.0 Authentication
Your IT department may have provided you with the metadata for your SSO Provider. If you have this file, you can upload it directly to save some time. If the metadata has not been provided, you can manually input the fields if you know the information.
- SAML 2.0 Endpoint (HTTP): Identity Provider Single Sign-on URL. This is where you go when you try to login.
- Identity Provider Issuer: The IDP Entity ID for the service you use.
- Public Certificate: To complete your SSO integration, you need to provide your x.509 Certificate. You can get this certificate from your Identity Provider. Since the key itself can be quite long, we highly recommend that you upload the metadata to avoid mistakes.
Once both steps have been completed, you can begin to test your SSO. It is important to note that you should keep Enable Your Private Network Login via username and password turned on until after you have verified that your SSO is configured correctly. Once your users can login via SSO, you can disable this option if so desired.
With SSO, you are given three additional options: