Configuring Sococo SAML/SSO
The SAML/SSO option allows users within an organization to log in via any SAML2 compliant identity provider (such as Active Directory, Okta, OneLogin, ...many others) that they may have setup within their organization. It also allows an account to have their own address for Sococo, ie you.sococo.com rather than app.sococo.com.
Sococo Organization Administrator Configuration Steps
These steps are executed by the customer (Sococo Organization Administrator privileges are required).
1. The Sococo Organization Administrator can navigate to Authentication section of the Settings > Organization Settings page
Note: If your organization has been configured properly by Sococo, you will see the following message highlighted in green:
If you see the following yellow message, you must contact your Sococo account manager to have a custom URL provisioned for your Sococo organization. If you do not know who your account manager is, Sococo support can connect you with the appropriate person to set this up for you.
2. Select Configure for the SAML Authentication option.
3. Provide appropriate inputs into the Configure SAML Authentication dialog:
a. Signature Algorithm: select appropriate signature algorithm for your identity provider.
b. ACL: Enter the SAML 2.0 endpoint from your identity provider in this field.
c. Cert: Paste the entire public x.509 Certificate from your identity provider into this field.
4. Turn on Enabled
5. Select Complete Configuration
6. Note: You can have multiple Authentication methods enabled simultaneously (e.g SAML Authentication and Sococo's Built-in Authentication). In this case, selecting Make Primary for an authentication method will determine which of the methods is presented as the primary login options for users. Other methods will be access via the More Login Options on the customer URL login page.
End User Account Binding
Upon changing authentication methods, Sococo will send an email to members of the Sococo organization that will help them 'bind' or merge identities across previous and new authentication providers.
End user Login
End users will experience the following when logging into Sococo.
1. Users for your organization will login to Sococo via the custom URL configured for your organization.
2. The primary authentication method will be prominently displaced (i.e. the authentication method with Make Primary was selected during configuration).
3. Other configured authentication methods are accessible via the More Ways to Login link on the login screen)