Single Sign-on
Identity360 SSO eliminates the need for multiple user IDs and passwords, making applications accessible with just one click. This feature streamlines the login experience and improves security.
The Single Sign-on dashboard provides an overview of all the applications you have configured for SSO and offers various actions to ensure a seamless SSO experience for all users.
- Choose the desired application(s) and use the Assign Users or Unassign Users option to add or remove the selected user(s) for one or multiple applications.
- Click View in the IDP Details section to view the metadata details and download the X509-Certificate file.
- In the SSO Assigned Objects column, you can view the list of users to whom the particular app has been assigned for SSO. You can then select the user(s) and unassign the app for them.
- Use Renew to generate a new X509-Certificate or IDP metadata file and update the existing SSO configuration in the application. Certificates must be renewed periodically to ensure a consistent SAML SSO connection.
- The Customize option enables you to add extra attributes that you wish to be included in the SAML assertion message.
ManageEngine Identity360 supports two widely used SSO protocols:
- SAML: Security Assertion Markup Language (SAML) is an open standard that links authentication and authorization services to access-protected resources. Identity360 supports the secure and widely adopted industry standard SAML 2.0.
- OAuth/OpenID Connect: OAuth is an authorization protocol that allows authenticated access to resources between servers and services without sharing any logon credentials. OpenID Connect is an identity layer on top of the OAuth framework.
Steps to configure SSO for an application:
- Log in to Identity360 as an Admin or Super Admin.
- Navigate to Applications → Application Integration and click Create New Application.
- Select the desired application for which you want to configure SSO.
- In the General Settings tab, enter the Application Name and Description, if necessary.
- Select SSO under the Choose Capabilities section to enable SSO for that particular application and click Continue.
- Under Integration Settings, select the SSO protocol used by the application: SAML or OAuth/OpenID Connect.
- Enter the Relay State and any other application-specific information as required.
- Copy the Login URL, Logout URL, Entity ID/Issuer URL, and SHA1 or SHA2 Fingerprint. Alternatively, download the metadata file, depending on the requirements set by your application.
- Click Save to complete the SSO configuration for the application.
- Follow the configuration procedure as outlined in your application to enable SSO and finish the setup.
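When both the copied values and the metadata file are available, the application administrator can cross-check them before enabling SSO. The following is an added example, not Identity360 code: it assumes the downloaded file is standard SAML 2.0 metadata and that the SHA2 fingerprint is SHA-256, and the names `parse_idp_metadata`, `fingerprint_matches` and the sample metadata are hypothetical.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: placeholder URLs, and the X509Certificate body is the
# base64 of the three bytes b"abc", not a real certificate.
SAMPLE_METADATA = """\
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://idp.example.com/issuer">
  <md:IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>
        YW
        Jj
      </ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleLogoutService Location="https://idp.example.com/logout"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
    <md:SingleSignOnService Location="https://idp.example.com/login"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

def parse_idp_metadata(xml_text):
    """Return the entity ID, endpoints and certificate fingerprints."""
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    def location(tag):  # endpoint URL, or None if the element is absent
        el = idp.find(tag, NS)
        return el.get("Location") if el is not None else None
    cert = idp.find("md:KeyDescriptor/ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS)
    der = base64.b64decode("".join(cert.text.split()))  # drop line wrapping
    return {"entity_id": root.get("entityID"),
            "login_url": location("md:SingleSignOnService"),
            "logout_url": location("md:SingleLogoutService"),
            "sha1": hashlib.sha1(der).hexdigest(),
            "sha256": hashlib.sha256(der).hexdigest()}

def fingerprint_matches(info, copied):
    """True if a copied fingerprint (any case, optional colons) matches."""
    want = "".join(c for c in copied if c not in ": ").lower()
    algo = {40: "sha1", 64: "sha256"}.get(len(want))  # pick by hex length
    return algo is not None and info[algo] == want
```

A mismatch after a Renew usually means the application still holds the previous certificate. Where the application accepts either fingerprint, configure the SHA2 one.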
Learn how to configure SAML or OAuth/OpenID Connect-based SSO for the custom applications that you wish to integrate with Identity360.