Single sign-on (SSO) allows Memsource users to log in to Memsource Cloud directly via a third-party application. Memsource enables integrations with identity providers (IdPs) compliant with SAML 2.0 protocol, including OneLogin. SSO is only available for Memsource users with Ultimate or Enterprise editions and can only be configured if you are logged in as an administrator.
Configure Single Sign-On
Singl Sign-On can be configured in the Setup of your Account.
To enable SSO, first select the checkbox marked Enable SSO for your organization.
Once SSO is enabled, a series of fields will appear which need to be filled in.
These fields are:
- Certificate Fingerprint:This is used to validate the authenticity of the IdP.
- Certificate Fingerprint Algorithm: Select from SHA-1, SHA-256, SHA-384 or SHA-512.
- Issuer URL: This value is provided by the IdP to uniquely identify your domain.
- SAML 2.0 Endpoint (HTTP): The URL that Memsource Cloud will call to request a user login from the IdP. The IdP authenticates and logs in users.
- SLO Endpoint (HTTP): When users log out of Memsource Cloud, this URL is called to log them out of the IdP too.
- Landing URL (Optional): Choose the URL of the web page that users will see when they log out of Memsource.
- Key User Identifier: Select whether users will identify themselves using a USERNAME or an EMAIL address. Note: Memsource requires a unique username by default, but users can opt to use the same email address multiple times. Choosing the EMAIL option will require users to use a unique email address.
Fields 1-5 should be completed using information from the IdP provider. (For Onelogin, you can find out more information about configuring SSO in the OneLogin documentation.)
To configure SCIM properties in your identity provider, select the checkbox and then click Generate New Token. A unique token will appear in the SCIM Bearer Token field. Insert the SCIM Bearer Token and the SCIM Base URL into the relevant section of your identity provider settings. (For OneLogin, you can find SCIM configuration in the Configurationtab. See the OneLogin documentation for more details.)
Finally, click Save to save all the configuration information.
Use the following values to configure