Single Sign On (SSO)

Hint

This feature is available as of version 1.12 and needs to be activated. If you would like to use it, please get in touch with your Pentos consultant.

The SSO Feature

Hint

The Feeder SSO feature is based on the SAML standard.

In the course of a major data migration project the Feeder was enhanced by SSO capability. It allows for granting access to over 300 Feeder data coordinators (HR) without explicitly asking for username and password when logging in. In this way, Feeder apprears to be a built in tool of the software that forwards the user to Feeder.

Prerequisites:
  • User accounts in Feeder based on the email address that is known by the identity provider (case-sensitive!)
Access:
  • Click the link from the software that serves as the identity provider
  • Call the regular Feeder URL without index.html and add /saml/sso.do

In the course of authentication, the following windows might appear before the Feeder workspace will be loaded:

image8

image9

SSO Dialog Window

image12

This screen will show after a successful login via SSO. The text displayed can be changed in the Language Configuration under login.

image13

The user may decide whether he or she shall be logged in automatically in the future.

  • Clicking NO, no checkmark: No automatic login will take place. The user will be asked again. The decision will take effect as of midnight.
  • Clicking NO, with checkmark: No automatic login will take place. The user will be asked again in 90 days. The decision will take effect as of midnight.
  • Clicking YES: The checkbox is irrelevant. The user will be logged in automatically even after logout. The decision will take effect immediately.

The functionality is based on a cookie. If a user has not logged in during the last 90 days, the cookie will expire and the user will be asked again.

Combined Login Methods (SSO and Username/Password)

Important

Feeder covers three distinct login methods (as of v1.10):
  • Username/password only
  • SSO only
  • Username/password and SSO in parallel (combined)

image10

When SSO is enabled in your Feeder instance, an additional Single Sign On login button will be available. When clicking on the regular Go to Login button it will show as well.

image11

Important

Please read more on how the combined login methods affect creating new user accounts under SSO User Flag.