This is the ability to link StaffSavvy to your identity management platform. Single Sign On via SAML allows you to force staff to securely log into your normal systems and this action grants them access to their account on StaffSavvy.
There are a few requirements:
- Accounts must exist in both systems already.
- Email addresses used within StaffSavvy must match those used within your Identity Provider.
- Your Identity Provider must support SAML and allow you to specific a custom connection.
- *Require SSO for certain access levels
(You can also enable the option to require SSO for certain staff members based on their access level. This will block the StaffSavvy Email/Password login options for certain access levels which will ensure they login via your SSO system.)
Standard instructions for the configuration of the connection are detailed below. If you have any issues, please discuss this with our support team. Please note that this is an advanced configuration option where we’re only able to support the StaffSavvy side of the integration.
- Under the Global Settings > SSO tab, enable SAML Single Sign On
Note: do not disable the “StaffSavvy Account Sign On” option until your connection is set up and tested successfully.
- Complete the Identity Provider Details section.
- If you require self-signed x509 certificates, we recommend this free service: https://developers.onelogin.com/saml/online-tools/x509-certs/obtain-self-signed-certs.
- Click Save once your Identity Provider Details section is complete.
- Complete the Login Screen section fields to ensure your staff are correctly informed of how to login and who to contact if they have any problems.
- Download the Metadata XML as available under the SAML section.
- Upload this Metadata file to your Identity Provider.
- Test the connection and ensure you can log in correctly.
- Test with connection with a sample of your staff accounts.
- If desired, disable the StaffSavvy Account Sign On option from your SSO tab of Global Settings. This will force your SSO option to be used to log in.
StaffSavvy Login with just SSO login allowed:
Login page with optional SSO:
Please sign in to leave a comment.