Setting up SSO - Other Providers

Follow
We're transitioning to a new User Interface, and are in the process of updating Help Hub content to match the new interface.

SSO (Single Sign On) authentication allows you access your company’s applications and websites with a single set of login credentials.

Planning Maestro supports SSO authentication for any SAML 2.0 compliant identity providers. Please see below a list of just some of the identity providers that are compatible:

  • Okta
  • OneLogin
  • Azure AD
  • RSASecurID
  • Idaptive
  • Ping
  • CA Technologies
  • (...and more. Ask Centage Support).

With SSO enabled, your company will need to designate an SSO Admin user who can set up SSO for your company.

This document shows you, the SSO Admin, how to set up SSO for your company using RSASecurID, Idaptive, Ping, CA Technologies.

Info.png Please Note: If Okta, OneLogin, or Azure AD is your SSO provider, please see Setting up SSO – Okta, Setting up SSO – OneLogin, or Setting up SSO - Azure AD for specific instructions.

Step 1: Open your SSO Provider account. Add Planning Maestro to the list of apps recognized by your SSO provider.

 S1.png

 

Step 2: Fill out the remaining required fields for the Planning Maestro app. These fields request information about the app itself.

  • For any "application name" fields (might be called Audience, Entity ID, Audience Restriction, etc.)
    enter: planning-maestro.

    Example.png Example from Okta (note that different SSO providers use different names for these fields):
    S1d.png
  • For any field that requests a URL (SSO Login URL, Recipient URL, Destination URL, etc.)
    enter: https://domainname.planningmaestro.com/saml/SSO
    *(enter your Planning Maestro domain name in place of “domainname” in the URL).

Step 3: Enable all company users who require access to Planning Maestro to use the Planning Maestro app within this SSO solution.


When adding each user, ensure to include their Planning Maestro username by using the following steps:

  • Add a custom user field named planningMaestroUserName and use it to send each user's Planning Maestro username that matches how their accounts were created within Planning Maestro.

Custom user field created for Planning Maestro username for Emma Employee (eemployee):

S1a.png

Warning.png Please Note: During configuration with the SSO provider Azure AD, you have the option to add a namespace as a custom field. Please do not include a namespace here, only a Name and Attribute.

Namespace.jpg

  • (if you cannot add a custom field) use a displayName or username field.

Display name or Username field for Planning Maestro username when you cannot add a custom field:

S1b.png

Info.png Please Note: If their Planning Maestro usernames are not recorded in this SSO solution, these users cannot access Planning Maestro through SSO.

Step 4: Save the URL your SSO provider gives you for its portal.

Different providers call this URL different names, but it should look something like this: https://app.ssoprovider.com/saml/metadata/6bc5683c-647g-1uvo-hemf-7349j5n32op4

Example of a Metadata URL: OneLogin, an SSO provider, calls this URL the Issuer URL.

I1r2.png

Step 5: Save your changes. Then, use Setting up SSO in Planning Maestro to finish.

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.