Question
How to implement SSO for FlexiCapture Cloud?
Answer
Yes, the SSO can be implemented in FlexiCapture Cloud.
If you want to use a third-party Identity Provider to authenticate your users you have an option to implement Single-Sign-On for your FlexiCapture Cloud. All you need to do is collecting the required information and proceeding following steps. More detailed below.
What needs to be collected:
-
The URL of your FlexiCapture Cloud region and your tenant name
Example: "https://usa.flexicapture.com/FlexiCapture12/Login/Maksym_Test/AccessToken/Saml" where "Maksym_Test" is your tenant name. -
The public key certificate
Can be download from your Identity Provider SAML Configuration page, we are expecting to get the Base64 certificate. -
The login URL
Also can be found on your Identity Provider SAML Configuration page. -
The image for the new "Log in with…" button
An image your users will see on the authentication page. (images in *.svg, *.jpg, and *.png formats are supported) -
The name of the external identity for the "Log in with…" button
A name of authentication that your users will see.
Starting from ABBYY FlexiCapture 12 Release 4 Update 2, Single Sign-On can be configured in the Administration and Monitoring Console.
Important! Only the ABBYY FlexiCapture administrator can add and configure Single Sign-On on the default tenant. On other tenants, Single Sign-On can be configured by ABBYY FlexiCapture or tenant administrators.
To configure SSO authentication:
1. Launch the Administration and Monitoring Console.
2. Go to Settings -> Single Sign-On.
3. Click Add Configuration.
4. In the dialog box that opens, specify the required parameters:
• Name - the name of the external identity provider that will be contacted when the user clicks the Log in with… button.
• Reference - the URL that will be used to access the server of the external identity provider.
• Upload Image File - the path to the image that will be used for the new button (images in *.svg, *.jpg, and *.png formats are supported).
• Upload Certificate File - the path to the public certificate.
5. Click OK. The new configuration will be added to the list. If required, you can change it by clicking Edit. Note: You can specify multiple identity providers.
6. Select the Assign groups by SSO option if you want to assign ABBYY FlexiCapture groups based on identity provider groups. As for assign groups by SSO, please refer Assigning groups by SSO on Configuring Single Sign-On authentication.
For detailed instructions on using SSO in ABBYY FlexiCapture, see the Single Sign-On authentication section in the System Administrator’s Guide.
Comments
2 comments
Samir Waikar
Hi Maksym,
Nice info. We want to implement sso , so that when a user clicks on some button in clients ERP URL, it will take to flexicapture URL logged in. Please let me know the steps to implement.
Thanks,
Viacheslav Prodan
Hi Samir.
I have created a request on your behalf so that our customer support staff can help you.
Best regards,
Viacheslav Prodan
Please sign in to leave a comment.