Configuring Single Sign-on in your Ziflow Account
Summary: Ziflow supports Secure Assertion Markup Language (SAML), which allows you to provide single sign-on to your users. The benefit of Single Sign-on (SSO) is that your users will be able to sign in to Ziflow by using your organization's default authentication system, such as Active Directory.
Where is this feature located: As an Administrator, you can configure SSO in the “Settings” section.
Configuring SAML for your account:
- SSO type: list of supported SSO solutions: SAML 2.0 & Custom Social Connection
- Sign in URL: this is the URL Ziflow will invoke to redirect users to your Identity Provider
- X509 Signing Certificate: Identity Provider public key encoded in PEM or CER format
- Sign out URL: this is the URL Ziflow will return your users to after they log out
- Binding protocol: The HTTP binding supported by the identity provider
- Enable/disable: Once enabled, your users will sign in using your organization's authentication system
Once you've entered the information, we'll provide the required information you need for your Identity Provider:
- Callback URL: the target where the SAML response will be sent to
- Settings: if required the “audience” information is provided
- Backdoor SSO URL - log in using this URL in case of issues with SAML connection.
- If a user accesses Ziflow through the default log in page and tries to sign in, they will automatically be redirected to your account's personalized Ziflow sign in page. Therefore, when SSO is enabled, it is recommended to log in through your account's ZIflow sub-domain/domain.
- Single Sign-on (SSO) is available on the Enterprise Edition