Comment on page
Single Sign On
Enabling SAML 2.0 based single sign on for all users in the organization
Single sign-on allows users to log in to the Empuls account with organizational credentials to access all their corporate apps. More importantly, it grants admins the ability to add and revoke user access centrally using an existing identity management tool.
SAML (Security Assertion Markup Language) is a standard protocol that provides identity providers a secure way to let a service provider, such as Empuls, know who a user is. It does this by sending Empuls a cryptographically signed XML document that asserts the user is who they say they are.
Once configured, users can authenticate with the following process:
- 1.Enter the email address on the login page and click on
- 2.The user is redirected to your identity provider interface, i.e., the AD login page.
- 3.The identity provider authenticates the user and redirects the user back to Empuls.
- 4.The user is granted access to Empuls.
Here is the list of few well-known, AD FS supported identity provider systems that are compatible with SAML 2.0 protocol.
Note: Any Identity Provider system that supports SAML 2.0 standards can be integrated with Empuls for SSO.
1. Navigate to Platform Settings --> Integrations --> SAML 2.0 SSO.
2. Click on START SETUP at the top right corner of the SAML SSO Integration page.
3. Download the service provider (Empuls) metadata file and upload it to your identity provider system. Click on CONTINUE to proceed.
4. Upload the IDP metadata (Certificate issued by the identity provider system) to Empuls in the Upload IDP Metadata section. Click on CONTINUE to test the connection with your IDP.
5. You can now test the connection after having uploaded all the required data. You can go back to the previous step in case of errors and make corrections to the IDP metadata as needed.
6. After testing the connection successfully, SSO will be ready to enable for all users.
Enable and Disable SSO options allow you to efficiently manage the user logins during the identity provider system downtime. 'Edit SSO' option lets the admins update the SSO integration in the identity provider system.