Setting Up SSO Authentication
Prerequisites
Aisera Administration Application Login URL : https://<Aisera tenant-vanity-url> Example: https://<Aisera tenant>.login.aisera.cloud
Identity Provider using SAML protocol
Authentication Configuration in Aisera Administration Application
To set up the authentication configuration:
Select Settings > Configuration in the left navigation menu.
Click the Authentication tab in the Configuration window.
Choose the SSO Authentication radio button, instead of the default Aisera Authentication.
There are two required fields in the SSO Authentication window:
Login URL
X509 Certificate
Retrieve these credentials from the setup instructions shared by your identity provider application.
This example will use the Okta (with Aisera environment) application.
To get the credentials:
Select View Setup Instructions button from the OKTA application:
Take note of the following field values: - Identity Provider Single Sign-On URL - Identity Provider Issuer - X.509 Certificate
Apply the values collected from Step 2 to the Authentication window in the Aisera Administration Application.
Click OK.
Notes:
Apply the identity provider single sign-on URL to the Login URL field
Issuer field can be optional
X509 Certificate should be the full text value, including “---END CERTIFICATE---”
Aisera Administration Application Callback
The format of the ACS URL that serves as the Aisera callback is:
{aiseraLoginUrl}/aisera/ssoLoginCallback
Configure SAML Settings in Identity Provider App
To configure SAML settings in your Identity Provider:
Check the option Use this for Recipient URL and Destination URL.
Set Audience URI (SP Entity ID) the same as that of the ACS URL.
Set the name ID format to be Unspecified and select Email as the format for the application user name.
Save the settings.
Test
As users access the Aisera Administration Application login URL, they are automatically redirected to complete the SSO process.
Last updated