Edit

Setting Up SSO Authentication

Configure the Aisera Admin UI to use SSO for Authentication

Overview

This guide details the steps required to configure Security Assertion Markup Language(SAML) Single Sign-On (SSO) for accessing the Aisera Admin UI. The process involves setting up a SAML application in your Identity Provider (IdP) and then applying the generated IdP credentials within the Aisera Admin UI.

Prerequisites

Aisera URLS

You will need the login vanity URL for your Aisera tenant. This will look like: https://<your_tenant>.login.aisera.<top_level_domain>/

You will also need the your Aisera tenant SSO Callback URL. This will be used as the Assertion Consumer Service (ACS) URL within your IdP. This will look like: https://<your_tenant>.login.aisera.<top_level_domain>/aisera/ssoLoginCallback

IdP Administrative Access

To setup SSO access to the Aisera Admin UI you will need administrative access to an Identity Provider. This access is necessary for the creation of SAML applications and the generation of credentials necessary to configure the Aisera Platform.

SAML Application Configurations

The Aisera Platform supports any IdP that provides the following:

  • Login URL

  • Logout URL

  • X509 Certificate

For additional help configuring your SAML application, see the common use cases below:

Configuring Your Aisera Tenant

After configuring your IdP and retrieving the required values you can configure your Aisera tenant to use the SAML application for authorization.

To configure your Aisera tenant:

  1. In the Aisera Admin UI navigate to Settings > Configuration

  2. Click on Authentication

  3. Select the SSO Authentication radio button

  4. Input the Login URL and Logout URL retrieved from your IdP

  5. Input the X509 Certificate

    This should include the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- portions of the certificate.

  6. Set the remaining configurations

    Field
    Description

    Issuer

    This field should be set to your tenant's login vanity URL.

    Separate Window

    Determines if HTTP Redirects will be used in the authentication flow. If your IdP only supports HTTP Post leave this option unchecked.

    Skip Compression

    Certain IdPs, and even specific versions of IdPs may not support compressed SAML. Check this option if your IdP is not compatible with compressed SAML

    If you are getting a SAML error, try enabling the Skip Compression configuration.

  7. Read the warning below and then select OK to apply the new login configurations.

    Double check that you have configured these settings correctly and that the correct values have been inserted into the tenant configurations. If they have not been entered correctly you will be unable to log into your Aisera Tenant. If this happens, reach out to your Aisera Team and they will help you recover access.

Final Step

Upon completing these steps you will be required to sign back into the Aisera Admin UI using the new form of authentication. As users access the Aisera Admin Application login URL they will now be directed to complete the SSO process.

PreviousAisera Platform ConfigurationNextSetting up Entra ID for SSO with the Aisera Platform

Last updated

Was this helpful?