Setting up users for single sign-on authentication
Looking for help with this feature in Polaris? Check out Setting up users for single sign-on authentication in the Polaris help.
Once you’ve set up a single sign-on (SSO) option – whether an authentication provider or SAML – you’ll need to ensure users in your system are set up to use it.
In their user profiles, you’ll need to assign them SSO authentication and, if you’re using an authentication provider, an authentication ID that maps to the user’s identity in the provider application.
To do this:
- Go to Administration > Employees and Organization > Users.
- Select the user’s name, or click Add User.
- On the main user profile page, from the Authentication Type field, select SSO.
An Authentication ID field displays. If you’re editing an existing user, this field will automatically populate with their login name, though you can modify this value, if necessary.
This field only applies to authentication providers – you can leave it blank for SAML.
- If you’re using an authentication provider, enter the user’s name as formatted in the provider application in the Authentication ID
This mapping will allow the user to be identified in the provider app, and be authenticated correctly. You should be able to find what field to map in the provider application’s documentation for OpenID Connect.
This field will be filled automatically if you’re already using Google or Intuit SSO with Replicon.
Users can now log in to Replicon using SSO. If you’re using SAML, you’ll need to supply them with a link to use to log in. If they’re using an authentication provider, they can use the credentials for that provider, via our login page.
If an employee is using a provider other than Google or Intuit, you’ll need to let them know they must log in using our alternate login option that supports multiple SSO options, accessed by clicking the the Try our new login page link located above the login fields. All other users can continue to use the old login page.
You can mass edit the Authentication Type field. If you change this to SSO via mass edit, the Authentication ID for all users will be set to their login name. If you need to change that field to something different, you’ll have to update it one user at a time.
Related topics
Using single sign-on with Replicon
Setting up single sign-on
Using SAML for single sign-on
Setting up SAML 2.0 for Replicon
Setting up SAML 1.1 for Replicon