Configuring Single Sign-On

v22.0

Summary

Show details

Objective

Explain Single Sign-on and how it can be configured in Promapp and describe its benefits.

Procedure

Hide details
Show / Hide details
1.0

What is Single Sign-on?

  • UNASSIGNED

    a

    Single sign-on gives users access to multiple applications with one set of username and login credentials simplifying access to their applications.

    Process
    Show / Hide details
    2.0

    Contact Promapp to enable SSO

    • UNASSIGNED

      a

      Contact your Promapp Account Manager to discuss enabling Single sign-on for your organization. Alternatively contact us at support@nintex.com. Once the options have been discussed we will enable Single sign-on for your site, ready to be configured.

      Promapp
      Show / Hide details
      3.0

      Configure your trusted Identity Provider for Single Sign-on

      • UNASSIGNED

        a

        Configure your trusted identity provider for Single Sign-on (SSO). Refer to the instructions below on how to do this depending on the Identity Provider you use: ADFS, OneLogin, Azure AD or Okta. Refer to your Identity Provider’s configuration help for more details.

        Show details Note
        What if you would like to configure your own solution or use a different identity provider?
        Promapp
        Process
        Process
        Process
        Process
        Show / Hide details
        4.0

        Configure Promapp for Single Sign-on

        • UNASSIGNED

          a

          Log into Promapp and go to [Admin->Configure]


            b

            In the Configure section, expand the [Security] admin panel and set the Single Sign On mode to [On].


              c

              Change the [Single Sign On Mode] to [Optional]

              Show details Note
              Why should I change the Single Sign-on Mode to Optional at this stage?

                d

                Enter the [SSO Login Url] from your identity provider.


                  e

                  Copy and paste the x.509 certificate from your identity provider in the [Sso x.509 Certificate] field

                  Show details Note
                  What is the certificate expiry and how is it calculated?
                  Show details Note
                  How can I access my site if our SSO Certificate has expired?

                    f

                    Set [Sync user details with SSO provider] to ON or OFF

                    Show details Note
                    What does configuration setting [Sync user details with SSO Provider] do?

                      g

                      Test your SSO sign-on. With SSO set to 'Optional,' enter your username and click login. If this works as expected, set SSO to 'Required' and make sure you have logged out or closed down and reopened your browser. Navigate to your Promapp site and you will be redirected to your Identity Provider to login. If you are already logged into your Identity Provider, you will be logged into Promapp automatically.

                      Show details Note
                      If I get locked out of Promapp in SSO Required mode how can I access Promapp?
                      Promapp
                      Show / Hide details
                      5.0

                      Import Users into Identity Provider, as required

                      • UNASSIGNED

                        a

                        If you are not using Active Directory in conjunction with your identity provider you will need to setup all your Users in your identity provider


                          b

                          For more information on setting up users within your identify provider please refer to your identity providers Help documentation

                          Show / Hide details
                          6.0

                          Deploy Single Sign-on

                          • UNASSIGNED

                            a

                            Communicate to your Users that Single Sign On is now available


                              b

                              Change the [Single Sign On Mode] to [Required] under [Admin>Configure>Single Sign On]

                              Show details Note
                              What's the difference between optional mode and required mode?
                              Promapp
                              Show / Hide details
                              7.0

                              Log into Promapp with Single Sign-on

                              • UNASSIGNED

                                a

                                Navigate to your Promapp URL, e.g. https://go.promapp.com/acme. If you are logged into your Single Sign-on Identity provider you will be authenticated and the Promapp home page will open.


                                  b

                                  If you are not logged into your Identity Provider you will be redirected to its login page (this URL is the one entered in the SSO - login URL field in Admin > Configuration > Security). Once you login here the Promapp home page will open.

                                  Show details Note
                                  Can I navigate to Promapp from my Identity Provider?
                                  Promapp
                                  Show / Hide details
                                  8.0

                                  What to do if you've followed all the steps but SSO still isn't working

                                  • UNASSIGNED

                                    a

                                    Fill in the Promapp Help SSO Troubleshooting Guide and send it to us at Promapp Support. We'll get back to you with the next steps to try.

                                    Promapp
                                    Show / Hide details
                                    9.0

                                    Frequently Asked Questions

                                    • UNASSIGNED
                                      Show details Note
                                      What are the benefits?
                                      Show details Note
                                      How does Promapp support Single Sign-on?
                                      Show details Note
                                      Does Single Sign-on affect Promapp integration?
                                      Show details Note
                                      What's the difference between optional mode and required mode?
                                      Show details Note
                                      Will I still be able to see and manage user and role information once SSO is enabled?
                                      Show details Note
                                      Are passwords still stored or managed from within Promapp?
                                      Show details Note
                                      Can Roles & Responsibilities be synchronised with i.e. Active Directory using SSO?
                                      Show details Note
                                      What will happen to a user’s existing profile information (roles etc.)?
                                      Show details Note
                                      Can I still access Promapp from outside of my work environment using SSO?
                                      Promapp