Single Sign On
Single sign-on allows users to log in to the Empuls account with a single credential to access all their corporate apps. More importantly, it grants admins the ability to add and revoke user access centrally using an existing identity management tool.
Our single sign-on integration is based on SAML 2.0 protocols.

How SAML works?

SAML (Security Assertion Markup Language) is a standard protocol that provides identity providers a secure way to let a service provider, such as Empuls, know who a user is. It does this by sending Empuls a cryptographically signed XML document that asserts the user is who they say and some basic user information.
Once configured, users can authenticate with the following process:
    Enter the email address on the login page and click on PROCEED
    The user is redirected to your identity provider interface, i.e., the AD login page.
    The identity provider authenticates the user and redirects the user back to Empuls.
    The user is granted access to Empuls.

Supported identity providers

Here is the list of few well-known, AD FS supported identity provider systems that are compatible with SAML 2.0 protocol.
Note: Any Identity Provider system that supports SAML 2.0 standards can be integrated with Empuls for SSO.

How do I set it up?

Empuls allows program managers to set up the SSO integration themselves through a do-it-yourself interface under the Platform Settings page. Here are the steps:
1. Navigate to the Platform Setings > Integrations. Here you will be able to see the SAML 2.0 SSO integration as an option.
2. Initiate the integration by clicking on the START SETUP button on SAML 2.0 SSO page
3. Download the service provider (Empuls) metadata file and upload it to your identity provider system. You will be able to proceed with the integration after you have uploaded the certificate successfully.
4. Upload the IDP metadata (Certificate issued by the identity provider system) to Empuls in the Upload IDP metadata section.
5. You can now test the connection after having uploaded all the required data. You can go back to the previous step in case of errors and make corrections to the IDP metadata as needed.
6. After testing the connection successfully, SSO will be ready to enable for all users.

Manage SSO

Enable and Disable SSO options allow you to efficiently manage the user logins during the identity provider system downtime. Edit SSO option lets the program managers update the SSO integration in the identity provider system.
Last modified 4mo ago