SSO - Single Sign-on

SSO (Single Sign-On) is s an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.
In other words, SSO is the capability of a system to share login credentials with another system.
The benefits of using SSO are the following:

• You need to remember fewer passwords.
• Simplifies username and password management for admins.
• Reduces security risks for organizations, members and partner entities customers, vendors, and partner entities.
• Increases speed to login and eases the onboarding on new applications.

Types of SSO that we support

The SSO functionality enables OfficeRnD Members to log in the Member Portal and Member Apps using  a single SSO provider.

Currently we support:

• SSO for Member Tools - this enables OfficeRnD Members to log in to their organization using SSO provider.

The most commonly used external SSO providers by our clients are OKTA, Google’s GSuite and Office365.

General Setup

• Log in to your identity provider account.
• Navigate to your applications.
• Create a new application for OfficeRnD.
• To get the Base and Return URL go to Settings -> Integrations -> Members SSO Authentication -> Configure  
• Copy the Client ID, Client Secret and Discovery URL from your identity provider, and paste them into the corresponding fields in the Members SSO Authentication configuration panel in OfficeRnD.
• Choose title which will appear on the login button - “Login with {Title}”
• Click Configure.
• Your SSO is up and running!

How to Set Up SSO with Specific Providers

• Setting up SSO with OKTA
• Setting up SSO with Google Custom Domain
• Setting up SSO with Salesforce
• Setting up SSO with Azure AD B2C

How to Test

The SSO is configured from "Settings"-> "Integrations"-> "Authentication" -> "Members SSO Authentication" .

After the successful activation of the SSO, the customer will see only one button on the login page of the Member Portal and Member Apps “Login with Google”.
By clicking the button the customer will be redirected directly to the authentication page of the provider.

Note: The activation of the SSO for Member Tools disables:
- The standard login with OfficeRnD user and password
- The Public Calendar Page and Sign-up Page
- Reset password links
- Token for auth in the invite to portal email

Please follow the steps below in order to configure your integration:

1. Navigate to https://console.developers.google.com/?pli=1 and log in with your Google (Gmail account).

2. Create a New Project from Select a Project: New Project -https://console.developers.google.com/projectcreate
   

3. Go to OAth consent screen and select External
   

4. Set App name → Enter your e-mail in the User support mail field and the Developer contact information field → Click Save and Continue
   
   

5. Click the Add or Remove Scopes button and select all scopes → Update

6. Go to Credentials -> Create Credentials -> OAuth Client ID

7. Choose Application Type -> Web Application

8. Set Application Name

9. Click the ADD URL button under the Authorized redirect URL
   
   

10. Copy the Return URL from OfficeRnD in the field and click Create

11. Copy the Client ID and Client Secret in the respective fields in the Authentication Integration in OfficeRnD
    
    

12. In the Authentication Integration in OfficeRnD Set Discovery URL following the guidelines in this article OR use this one.

13. Set the Title to Google and click Update