sso_authentication
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
sso_authentication [2019/07/25 12:49] – external edit 127.0.0.1 | sso_authentication [2021/03/16 14:36] (current) – lucy | ||
---|---|---|---|
Line 3: | Line 3: | ||
===== Background Info ===== | ===== Background Info ===== | ||
- | :!: This feature is available in Lucy 4.6 or newer version. | + | :!: This feature is available in Lucy 4.6 or newer version. \\ |
+ | :!: We do not recommend using Let's Encrypt certificates with an SSO provider due to the short live term of charge-free certificates. | ||
Lucy allows you to set the SSO authentication by using the Lightweight Directory Access Protocol (LDAP) to access Admin console and EndUser portal. This also allows you to use a non-unique link for the awareness website within a campaign. | Lucy allows you to set the SSO authentication by using the Lightweight Directory Access Protocol (LDAP) to access Admin console and EndUser portal. This also allows you to use a non-unique link for the awareness website within a campaign. | ||
Line 20: | Line 21: | ||
* ADFS 4.0 (Windows Server 2016) | * ADFS 4.0 (Windows Server 2016) | ||
* ADFS 5.0 (Windows Server 2019) | * ADFS 5.0 (Windows Server 2019) | ||
+ | * Azure AD (refer to [[sso_azure|this guide]] to have a detailed instructions) | ||
+ | * Okta (refer to [[sso_okta|this guide]] for more details) | ||
The connection to the AD FS can be configured within the Settings / SSO Configuration: | The connection to the AD FS can be configured within the Settings / SSO Configuration: | ||
Line 165: | Line 168: | ||
{{ :: | {{ :: | ||
+ | |||
+ | ===== Useful tips ===== | ||
+ | |||
+ | **How to update or replace SSL certificate used for SSO authentication? | ||
+ | |||
+ | You should first update your SSL certificate within the SSL Settings. Refer to this [[ssl_configuration|page]] for detailed instructions. | ||
+ | |||
+ | Once the SSL certificate is updated, go to the SSO Settings page, upload XML metadata file and click Save button. To verify whether the certificate is applied, click " | ||
===== Troubleshooting ===== | ===== Troubleshooting ===== | ||
Line 179: | Line 190: | ||
**Solution**: | **Solution**: | ||
+ | |||
+ | **Issue**: (AD FS) Login with a single sign-on sometimes does not work (it redirects to the Lucy's login page after successful login at AD FS website) . \\ | ||
+ | |||
+ | **Solution**: | ||
+ | |||
+ | < | ||
+ | Set-AdfsRelyingPartyTrust -TargetName "Your RelyingParty Name" -SigningCertificateRevocationCheck None | ||
+ | </ | ||
+ | |||
+ | **Issue**: (AD FS) Login with a single sign-on stopped working after update to Lucy 4.7 (it redirects to the Lucy's login page after successful login at AD FS website) . \\ | ||
+ | |||
+ | **Solution**: | ||
+ | |||
+ | **Issue**: A blank window appears after successful authentication at SSO provider website and there an error in the web server logs (Apache): " | ||
+ | |||
+ | **Solution**: |
sso_authentication.1564051799.txt.gz · Last modified: 2019/07/25 12:49 by 127.0.0.1