Setting up SSO for your customers
Single Sign-On your customer users into Prelim with your service.
Special permission required
Setting up SSO for your customers requires having the right permission on your role.
You can use Prelim with your own identity management to manage customer access into Prelim. Once setup, customers will not be able to signup or login directly into Prelim, but will instead have to go through your Single Sign-On.
Prelim supports the following Single Sign-On protocols:
- SAML 2.0
- OAuth 2.0 OpenID Connect
To setup Single Sign-On, first go to your organization management page.
Setting up OAuth 2.0 OpenID Connect
Before setting up OpenID Connect in Prelim, make sure that you've already created the service provider profile with whatever will be acting as the Identity Provider.
-
Choose the OpenID Connect protocol from the dropdown.
-
Find the discovery url from your Identity Provider and paste it in. E.g. https://accounts.google.com/.well-known/openid-configuration
-
From the information take from creating Prelim as a service provider with your Identity Provider, paste in the client ID and the client secret.
-
Select the token response algorithm that your Identity Provider will be signing the tokens with.
-
Click save! Now that you've setup OpenID Connect with Prelim, the login url has now changed and you should see this in the configuration at the bottom under "Login URL".
Setting up SAML 2.0
Before setting up SAML 2.0 in Prelim, make sure that you've already created the service provider profile with whatever will be acting as the Identity Provider.
-
Choose the SAML 2.0 protocol from the dropdown.
-
Paste in the Identity Provider certificate.
-
Prelim requires both a unique identifier for each user and an email inside of the attributes. Fill in the attribute names.
-
Click save! Now that you've setup SAML 2.0 with Prelim, the login url has now changed and you should see this in the configuration at the bottom under "Login URL".
Updated about 1 year ago