Integrate SAML 2.0 SSO (Old SSO integration)

Configure Community to integrate with your organization's Identity Provider.

Important: A new SSO integration workflow is available via Product Settings > SSO. The information here applies to the old workflow via the App Center, which is only available to customers who have already used it to implement SSO. For information about the new workflow, see Quick start: SSO setup.

As an IT admin configuring SSO for your organization, you will need the following to be successful:

  1. An admin login to the Alida platform so you can access the App Center and configure the SSO.
  2. Knowledge of how to get to the App Center and user admin area (which are both described below).
  3. Access to the SSO documentation (which you are viewing right now). You should also review the technical details before starting.

The following steps are for configuring the set up of SSO on a single Community application. If you want to set up SSO on a second Community application, please contact Alida Technical Support.

  1. In the navigation bar, click Product Settings > App Center - App Directory.
  2. Navigate to the Single Sign-On section of the Integrations page.
  3. Install SAML 2.0 SSO by clicking the SAML 2.0 SSO application icon in the App Directory.
    Result: The application redirects you to the SAML 2.0 SSO details page.
  4. Click Install.
  5. If this is your first time installing something from the App Directory, review the terms and conditions, select I accept the terms and conditions, and click OK.
  6. In the Configure IdP-initiated SSO dialog, select the Identity Provider your organization uses from the list.
    The following identity providers have been tested by Alida and are available:
    • Azure AD
    • Okta
    • OneLogin

    Alida's customers have configured SSO with many other providers such as F5, Ping, Google, and proprietary identity providers (IDPs). As long as you are using the same standard and pass all the required information and workflow, you can configure your SSO. When installing for another IDP, most choose OneLogin and the stated provider. With Ping, others have used Okta as well.

  7. Copy the following values from the Configure IdP-initiated SSO dialog.
    The following values connect the application to your organization's Identity Provider.
    • SSO URL
    • Assertion Consumer Service URL
    • Required Attributes: Email (primary attribute), First Name, Last Name
      Note: Required attributes are case-sensitive.
  8. In your organization's Identity Provider, create a new SAML 2.0 Connector.
    1. Use the values from step 6 to configure the new SAML 2.0 Connector.
    2. From the new SAML 2.0 Connector, copy the Identity Provider SSO URL.
  9. In Community, paste the Identity Provider SSO URL in the Provide Community with IdP URL section.
  10. Click Install.
    Result: The SAML 2.0 SSO integration is installed. When it is finished, you are notified and the Installed Apps page appears.

Testing and rollout to users

You can safely install an SSO without impacting any existing users. They will continue to log in and do their work as needed while you test. In order to test the SSO, perform the steps below.

  1. Test the integration with a user.
    1. Create a new Community user or edit an existing user.
      When you do so, you will have a new option to set that user as an SSO user. Ensure your test user is an SSO user.
    2. Grant the user access to the new SAML 2.0 Connector created in step 7.
    3. Have the user click on the new SAML 2.0 Connector to validate they can access Community.
    When you are ready to roll the SSO out to all your users, you need to add the users to your login provider and you need to edit each user on the Alida platform to set them as SSO users.