This article provides information about configuring Single Sign-on (SSO) for your Sococo application using Security Assertion Markup Language (SAML).
The SAML/SSO option allows users within an organization to log in via any SAML2 compliant identity provider (such as Active Directory, Okta, OneLogin, etc.) that they may have set up within their organization.
It also allows an account to have their personalized address for Sococo, i.e., <you>.sococo.com instead of app.sococo.com.
To configure SAML/SSO, please follow the steps below. These steps are executed by the customer (a user with Administrator privileges).
- Go to the menu icon at the top left of Sococo.
- Select Settings > Organization Settings and then expand the Authentication section, as shown in the image below.
- If your organization has been properly configured by Sococo, you will see the following message highlighted in green color, providing your organization's custom login URL.
If you see the following yellow message to request your custom login URL, then you must contact your Sococo account manager to have a custom URL provisioned for your Sococo organization.
If you do not know who your account manager is, contact Support to connect you with the appropriate person to set this up for you.
- Select CONFIGURE for the SAML Authentication option.
- Provide appropriate input into the Configure SAML Authentication dialog, as explained below.
- Enable user access with SAML authentication.
- Signature Algorithm: Select the appropriate signature algorithm for your identity provider.
- ACL: Enter the SAML 2.0 endpoint from your identity provider in this field.
- Cert: Paste the entire public x.509 Certificate from your identity provider into this field.
- Select Complete Configuration to complete the process.
End-User Account Binding
Upon changing authentication methods, Sococo will send an email to current members of the Sococo organization that will help them bind or merge identities across previous and new authentication providers.
End users will experience the following when logging into Sococo.
- Users for your organization will log in to Sococo via the custom URL configured for your organization.
- The primary authentication method will be prominently displaced with the authentication method with the Make Primary option selected during configuration.
- Other configured authentication methods are accessible via the More Ways to Login link on the login screen.