SSO Configuration

[sagar....@flowian.com]

Hi Team,

We are trying to set-up a SSO (Single Sign On) for one of our client. We have done all the configurations and settings required for SSO.

But still the SSO is not working properly.

Is there any extra configuration needs to be done on Client side ?

Please suggest.

Regards,
Sagar

[Bidisha Das]

Hi Sagar,

You can refer to : http://docs.runmyprocess.com/Integration_Guide/Google/Authentication for SSO related information.

Please make sure you have configured everything properly.

Thanks & Regards

Bidisha  

[sagar....@flowian.com]

Hi Bidisha,

We have done all the configuration. But still we are not able to establish the SSO.

Please suggeest.

Regards,
Sagar

[Bidisha Das]

Hi Sagar,

Would you please let me know about your SSO configuration in details? I mean the steps you followed.

Thanks & Regards

Bidisha

[Bidisha Das]

Hi Sagar,

Would you please let me know what error you are facing exactly and how you configured SSO in RMP in details?

Thanks & Regards

Bidisha

[sagar....@flowian.com]

Hi Bidisha,

We have got all the information from the client and we have populated the following-

1] SSO Redirect.
2] Logout Redirect.
3] Name id format.
4] And Certificate.

We are getting redirected to the right URL(SSO Redirect) when trying to access any RMP url.

But it does not go through.

We want to show you the configuration and discuss few points.

Regards,
Sagar

[Bidisha Das]

Hi Sagar,

Can you check on the below configurations in RMP? We can probably take a Hangout session tomorrow if not solved.

RMP (RunMyProcess) Application Side SSO Configuration

1.    Create a test user and login with this test user.

2.    Go to ACCOUNT > USERS.

Note: This test user must already be provisioned in AD. Every RunMyProcess user has a unique id which is his email address/login.

 

 

3.    Go to ACCOUNT > Configuration > 'Authentication method' tab. Select method type : SSO with Samlv2 as shown in screenshot below

 

 

 

 

4.    You are asked to enter 4 parameters:

 

                      I.        SSO redirect URL = SAML 2.0 Endpoint. When you attempt to access a RunMyProcess page without being RunMyProcess authenticated, Server performs a SAML assertion on this urn and waits the SSO is giving confirmation you're SSO authenticated. In ADFS SSO case this url is :

HTTP-Redirect" =https://rmp.runmyprocess.local/adfs/ls/

We are giving localhost for this test i.e. localhost/adfs/ls/

 

                    II.        Logout redirect = SLO Endpoint. When you attempt to logout, our server logs you out from RunMyProcess and then performs a SAML request to this URL to log you out from SSO. In ADFS SSO case this url is :

HTTP-POST" =https://rmp.runmyprocess.local/adfs/ls/

We are giving localhost for this test i.e. localhost/adfs/ls/

 

                   III.        Account Management redirect. SSO Management Page\

https://rmp.runmyprocess.local/adfs/services/trust/artifactresolution

We are giving localhost for this test i.e.

localhost/adfs/services/trust/artifactresolution

 

                  IV.        Name Id Format. This indicates the name of the field on SSO side where user's email address is stored. After the login SAML assertion is sent, the SSO answers with that field value and the RunMyProcess server will try to find the matching user on the RunMyProcess account.

 

                    V.        Certificate. This is the SSO certificate RunMyProcess needs to check your SSO is who he claims to be. Do enter the 4 parameters from your SSO settings, then save:

 

 

 

 

This is a signing certificate in screenshot above, To get this Certificate details, Login to AD FS Server > Open AD FS Management console > Expand Service > Click on Certificates > Export Token-Signing Certificate details

 

 

 5.    User should now be able to login.