Introduction
Single Sign-On (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials. In other words, SSO is the capability of a system to share login credentials with another system. The benefits of using SSO are the following:
- You need to remember fewer passwords.
- Simplifies username and password management for admins.
- Reduces security risks for your organization and employees.
- Increases speed to login and eases the onboarding of new employees to the system.
In OfficeRnD Hybrid, you can enable SSO for both the Web and Admin portals and enable your employees to log in using your SSO provider. The most commonly used external SSO providers by our clients are Google’s GSuite and Microsoft Azure.
- The standard login with an OfficeRnD Hybrid user and password
- The "Reset password" links in OfficeRnD Hybrid
- The token for authentication that employees receive when invited to the Members Portal.
Add The Hybrid Work App to InTune
Please follow this article to go through the process of adding the Hybrid Work Android App to Mobile Device Management in InTune.
Enable SSO Authentication
1. Log in to your identity provider account.
2. Navigate to your applications.
3. Create a new application for OfficeRnD Hybrid.
4. Log-in to your Hybrid account.
5. Navigate to Settings/Integrations.
6. Look for SSO Authentication and click Activate.
4. Next, click Configure.
5. In the Edit Authentication Integration dialog shown below, copy the Base URL (7) and Return URL (8) values and use them with your identity provider account to complete the configuration on their end.
6. From within your identity provider, copy the Client ID, Client Secret and Discovery URL and paste them into the corresponding fields (2, 3, 4) in the dialog.
7. Enter a Title in the field (1). Keep in mind that this title appears on the login button for your employees - “Login with {Title}”.
8. (optional) Enter Custom Scopes (can be space-separated) in the field (6).
9. (optional) Enable Automatic Account Activation (9).
10. (optional) Enable Enforce SSO for All Admins if you want to prevent admins from logging in with their OfficeRnD credentials.
11. Click on Update to save the changes.
Comments
Please sign in to leave a comment.