SAML Single Sign-On (SSO)

SAML Single Sign-On (SSO)

Single sign-on (SSO) is an authentication process that allows a user to access multiple applications with one set of login credentials. SSO is a process which happens between two systems.
  1. Identity Provider - An authentication system which contains user credentials and set of application details which can access this system
  2. Service Provider - The system which asks the identity provider for the authentication and gets the response whether the user is authenticated or not.

Benefits of Single Sign-On (SSO)

  1. User can login to multiple applications with same credentials
  2. Reduces Risk by minimising bad password habits
  3. Accelerates user adoption of company promoted apps
  4. It improves security capabilities

How does the SSO flow work?

  1. Service Provider (Vizmo) requests the identity provider using login Service Url for authentication
  2. Identity provider (application) validates whether particular application can access its data or not using the entity-id/name and acs-url
  3. If the request is valid, it loads the login page
  4. User enters the credentials, if the credentials are valid, it redirects to ACS URL with encrypted data added into the query params
  5. The Service Provider, validates the encrypted data using the certificate
SSO is available only in ENTERPRISE PLAN and you should have either admin or location-admin role for set-up.

How to set-up SSO?

  1. Click on the Custom Auth on the left navigation bar in the dashboard
  2. It lands on page with the button at the centre stating Get started
  3. Once you click on it, a form is generated with fields
  4. ACS URL - already filled with url but disabled
  5. Entity ID - already  filled with unique id but disabled
  6. Go to corresponding the Identity Provider complete adding Vizmo application into it and get the login service url and certificate
  7. LoginService - provide the Identity provider login service
  8. Upload Certificate - upload the login service.
  9. Submit
  10. Once you click on submit, you will land on page with filled form details and a toggle ON at the right side stating SSO
  11. You can use the toggle bar to disable and enable the SSO
  12. You can edit the form if needed from edit icon

How to add Vizmo in Identity Provider?

  1. Choose the strategy
  2. Copy the Login service url and download the certificate which are used in the application
  3. Add the ACS url and entity-id/name of the application.
  4. Done

    • Related Articles

    • Microsoft Azure Active Directory Integration

      To get the most out of Vizmo’s features, you’ll need to populate the employee directory. Vizmo supports employee import/export from Azure AD in real time. Integrating Vizmo onto Microsoft Azure AD enables employees directory sync and since all ...
    • About Device Management

      Setting up and updating your devices (kiosks & printers) associated with your Vizmo account   Vizmo's Visitor Management System requires the following interfaces for the best results Dashboard : Requires a browser and an activated Vizmo account. ...
    • Admin Devices

      Devices is the section wherein you can monitor the devices associated with the Vizmo account. It can be kiosk like (Apple iPad or Android Tablet) or a badge printer. To utilize Visitors, you should have an iPad/tablet, which will be the stand your ...
    • Getting started with Visitor Management

      Greet your Visitors with a kiosk based Visitor Management System that notifies the hosts and print visitor badges all through one sleek check-in terminal. The advancement in technology has been making lives simpler over time. Adapting newer ...
    • Touchless VMS

      How Vizmo's Visitor Management System can be used as a visitor screening and contact tracing tool for your work place, all of that with the option of contactless Check-in. It’s more important than ever to know who is entering your building and when ...