Enabling Single Sign-On (SSO) for your bureau is a very useful configuration. While it is generally a straightforward process, there are complexities associated with each individual integration. There will be multiple parties involved in accomplishing this integration. Note: This configuration process must be repeated for every instance of Authentise that must have SSO enabled (ie. testing, staging, development, production).
Participants
IT Lead, Customer
Sr. Engineer, SSO Provider (able to change schema settings, adjust groups, etc)
Sr. Engineer, Authentise
Customer Success Manager, Authentise
Typical Process
Customer submits Zendesk ticket to enable SSO feature for Bureau
Customer Success Manager contacts Customer to request information regarding their SSO provider and answer any questions regarding the process, and gathers participant contact information.
Customer works with SSO Provider to provide Authentise:
URL for SSO Provider
SAML_CERT for SSO Provider
SAML_KEY for SSO Provider
SAML Identity Provider Schema (XML Format)
Authentise provides SSO Provider (via Customer)
SSO consumer URL (for each instance)
Authentise begins integration effort based on provided schema. Authentise CSM will need to request a maintenance window for DevOps to conduct the below:
Write unit-tests for SAML Identity Provider Schema
Evaluate tests and adjust integration customizations
Share results of successful tests to SSO Provider and Customer
Customer and SSO Provider approve tests
Authentise releases any schema adaptations to main codebase to prep for integration
Final Integration Validation Process
Integration Calls: Typically this is accomplished by 2 integration calls between the IT Lead (Customer), Sr. Engineer (SSO Provider), Sr. Engineer, (Authentise).
Anticipated Duration: 1 hour per call. Note: repeated for every instance being enabled
Activity: Collaborative process of debugging and adjusting minor items between Authentise and SSO Provider.
Customer Success Manager notifies Customer SSO has been enabled