Single Sign-On Providers
Use this table to configure Single Sign-on integration in ENPS.
ENPS supports Single Sign-on (SSO) integration with Office 365/Microsoft Live, Azure Active Directory, Okta, OneLogin and Google. SSO can be enabled to allow for additional security for the ENPS log-on process. This can bring multi-factor authentication support to ENPS if enabled within the SSO provider configuration.
SSO requires the installation of the Platform Authorization Gateway.
Platform Authorization Gateway
The Platform Authorization Gateway is a web application that acts as a gateway between ENPS and external SSO providers. Using the ENPS Platform Installer, it should be installed on a server in the enterprise that has outbound internet access and an SSL certificate.
The gateway's URL must be registered in both System Maintenance > Global Configuration Options and the third-party SSO provider(s) to allow the redirection to take place. This must be in the following format:
All SSO login requests from the ENPS client will be made to this gateway, which will then handle redirection to and from the third-party provider.
A load balancer with affinity can be used to have multiple authorization gateways for a single enterprise.
If your enterprise wants to use SSO exclusively for authentication, go to System Maintenance >Global Configuration Options and set ForceLoginWithSSO to 1. This disables the Windows login field in ENPS and ENPS Mobile.
To configure specific workstations to ignore the ForceLoginWithSSO global setting, tick the Override ForceLoginWithSSO setting in the MAC Addresses table.
Settings
|
Field |
Description |
|---|---|
|
ID |
SSO provider. |
|
Description |
Description of the SSO provider. |
|
App ID |
The ID of the app creating in the SSO Provider's environment. |
|
Active Directory ID (Only for Microsoft Azure) |
|
|
Base URL |
|
|
Client ID Dev (Only for OneLogin) |
|
|
Secret ID Dev (Only for OneLogin) |
|
|
Icon |
|
