Single Sign-On allows you to determine who has access to the UpSlide Account Portal by way of your existing identity provider.
Benefits
- Your UpSlide license managers will be able to access the Portal with your organization's identity provider system.
- Give your organization centralized control over who has access to the Portal.
Pre-requisites
- An identity provider system compatible with Open Id Connect.
- An integration manager profile in the Portal (or email support@upslide.net to help check with your account team and assign an integration manager).
Configuration with Azure AD
In Azure AD
- Create a new App Registration.
- Select Accounts in this organizational directory only (Single tenant).
- Set the Redirect URI to Web: https://portal.upslide.net/.
- In the new registration created, create a new secret in Certificates & secrets. Make sure to copy the Value of the secret.
- Take note of the Application (client) ID and the Directory (tenant) ID.
To finalize the configuration in Azure AD, go to API permissions to Grant admin consent for the tenant.
In the Portal
- Log in to the UpSlide Portal, and go to Configuration > Advanced.
- Click Add a new configuration.
- Input the right information in the different fields:
- Display name: the name of your choosing.
- Endpoint Authentication: https://login.microsoftonline.com/Directory (tenant) ID/oauth2/v2.0/authorize
- Endpoint token: https://login.microsoftonline.com/Directory (tenant) ID/oauth2/v2.0/token
- Client ID: Application (client) ID.
- Client Secret: the Value of the secret.
Assign a configuration to a license manager
You can choose which SSO configuration you want for each license manager. To assign a configuration, you can follow these steps:
- In the Portal, go to the Admins access page.
- Choose an administrator and click on the pencil to edit their access or create a new one.
- In SSO Configuration, you can select the configuration. If no configuration is selected, they will have to use a password to log in.
- Click OK.
After you apply the setting, the license managers only need to input their email on the log-in page and click on the Log in button. They will be redirected to your identity provider login page to access the Portal.
Using a different identity provider than Azure AD?
As long as your identity provider is compatible with Open Id Connect, the steps above will still apply. You will need to find the equivalent in your own platform:
- New app registration and secret
- Application (client) ID and Directory (tenant) ID.
- Granting consent as admin.
Example:
For AD FS configuration, we recommend you follow the steps of this Microsoft documentation.