Enabling Single Sign-On (SSO) for your bureau is a very useful configuration. While it is generally a straightforward process, there are complexities associated with each individual integration. There will be multiple parties involved in accomplishing this integration. Note: This configuration process must be repeated for every instance of Authentise that must have SSO enabled (ie. testing, staging, development, production).
Participants
- IT Lead, Customer
- Sr. Engineer, SSO Provider (able to change schema settings, adjust groups, etc)
- Sr. Engineer, Authentise
- Customer Success Manager, Authentise
Typical Process
- Customer submits Zendesk ticket to enable SSO feature for Bureau
- Customer Success Manager contacts Customer to request information regarding their SSO provider and answer any questions regarding the process, and gathers participant contact information.
- Customer works with SSO Provider to provide Authentise:
- URL for SSO Provider
- SAML_CERT for SSO Provider
- SAML_KEY for SSO Provider
- SAML Identity Provider Schema (XML Format)
- Authentise provides SSO Provider (via Customer)
- SSO consumer URL (for each instance)
- Authentise begins integration effort based on provided schema. Authentise CSM will need to request a maintenance window for DevOps to conduct the below:
- Write unit-tests for SAML Identity Provider Schema
- Evaluate tests and adjust integration customizations
- Share results of successful tests to SSO Provider and Customer
- Customer and SSO Provider approve tests
- Authentise releases any schema adaptations to main codebase to prep for integration
- Final Integration Validation Process
- Integration Calls: Typically this is accomplished by 2 integration calls between the IT Lead (Customer), Sr. Engineer (SSO Provider), Sr. Engineer, (Authentise).
- Anticipated Duration: 1 hour per call. Note: repeated for every instance being enabled
- Activity: Collaborative process of debugging and adjusting minor items between Authentise and SSO Provider.
- Customer Success Manager notifies Customer SSO has been enabled
0 Comments