Previous TopicNext Topic

Single sign-on configuration

Note: SSO for applications is available only with Endpoint MFA.

In addition to eliminating the need for multiple user IDs and passwords, ADSelfService Plus' single sign-on (SSO) streamlines the login experience of users and improves security. It uses Active Directory (AD) credentials to verify users’ identities, as well as OU- and group-based policies to control access to various cloud applications.

ManageEngine ADSelfService Plus supports two widely-used SSO protocols:

• SAML
• OAuth/OpenID Connect

All user accesses to applications via SSO are logged and can be audited using the Application Access Audit Report.

Bookmarking applications

The Bookmark functionality allows admins to bookmark an application that does not support SSO, providing a convenient way to integrate external applications which do not support protocols—like SAML, OAuth, or OIDC—into the user portal.

To do so, follow these steps:

1. Log in to ADSelfService Plus as an administrator.

2. Navigate to Password Sync/Single Sign On > Add Application > Custom Application.
3. Enter your Application Name and Description.
4. Upload an image for the app icon in both sizes.
5. From the Select Sign-on Method drop-down, select Bookmark.
6. Enter the app's login URL in the Login URL field.

Once the bookmark is configured, users can just click the application in the user portal and it will lead them to the login page of the app. They must then authenticate using the credentials with which they registered on the app.

Previous TopicNext Topic