Set Up SSO
| Platform: | WebMobile |
|---|---|
| Plan Type: | BasicEssentialPremiumEnterprise |
| User Type: | RequesterFull UserAdministrator |
This article covers the major steps you need to follow to set up single sign-on (SSO) for MaintainX. Some steps in this article link to more detailed step by step instructions.
Configure SSO for Your Identity Provider​
The process for setting up SSO in MaintainX varies depending on your identity provider (IdP). The following articles have step-by-step configuration instructions for the IdPs MaintainX users use most often:
If you need more help setting up SSO with your IdP, contact MaintainX Support.
Test Your SSO Setup​
After you set up SSO for your IdP, you can test the configuration to make sure it works.
To test the SSO configuration:
- In the MaintainX Single Sign-On Configuration dialog, copy the Start URL to the clipboard.
- In a web browser, open a private browsing (Incognito) window.
- Paste the Start URL into the address bar and follow the link.
- Log into MaintainX using your SSO credentials.
If your login attempt succeeds, the configuration works.
Set Up Routing Rules for Your Domains​
Routing rules automatically redirect users with email addresses from your company's domains to log in via SSO.
You can set up routing rules for as many domains as you need. However, you must have at least one verified email address for each domain set up already for the routing rule to work.
Use the Start URL to verify the first email address for a given domain.
To set up routing rules for your domains:
-
In the MaintainX Single Sign-On Configuration dialog, go to the SAML Configuration section.
-
In the Email Domains field, enter a comma-separated list of all the domains you want to redirect to your SSO login.
For example:
myfirstdomain.com, myseconddomain.net, mythirddomain.info
Set the Default Role for New SSO Users​
When a user logs in from your domain and doesn't have an account yet, MaintainX creates a new account automatically. You can specify which user role MaintainX assigns to new accounts by default.
To set the default role for new users:
- In the MaintainX Single Sign-On Configuration dialog, go to the SAML Configuration section.
- Set the Default Role to the role you want new accounts to have.
After MaintainX creates an account, you can edit the user profile to assign a different role. For example, you might want to create all user accounts with the Requester role, and then upgrade specific users to Full User, Administrator, or a custom role.
For more information about user roles and permissions, see User Roles and Permissions.
Migrate Existing Users to SSO​
When you set up SSO for an existing organization, existing users don't switch to SSO authentication automatically. You have to update their accounts to use SSO.
For step-by-step instructions, see Migrate Existing MaintainX Users to SSO.
Enable SSO for Other Organizations​
After you set up SSO for one MaintainX organization, you can enable it for any other organizations your company has. When you enable SSO for another organization, MaintainX applies the same settings you configured when you first set up SSO.
For step-by-step instructions, see Enable SSO for Multiple Organizations.