SSO Configuration

SSO Configuration

An Admin can enable and disable SSO, and configure IdP settings. Also your service provider’s details are displayed on the SSO Configuration page. This workflow is explained in vendor-specific detail in the Okta and Entra ID SSO articles.

Admins can configure SSO identity provider details and see service provider details. SSO can be enabled/disabled from Settings > Users, on the SSO Configuration tab. An admin can configure SSO identity provider details and see service provider details.

  1. Go to Settings > Users and click SSO Configuration.
  2. Enter Identity Provider information:
    FieldDescription
    Identity Provider Issuer URLIdentity Provider Issuer URL
    Identity provider SSO URLIdentity provider single sign on URL
    Identity provider SLO URLIdentity provider single logout URL
    Public x509 CertificatePublic x509 Certificate string.
  3. View Service Provider information (provided for configuration in the SSO dashboard).
    FieldDescription
    Service Provider Entity IDService Provider Entity ID URL.
    Service Provider ACS URLService Provider assertion consumer service URL.
    Service Provider SLS URLService Provider single logout service URL.
  4. Click Save.

Note that if you migrated the domain or IP address of the machine where CE is deployed, you will need to disable the SSO toggle, and then re-enable it in order for CE to apply the change. After this, you need to update your SSO vendor details (like Okta) with the updated details in the SSO Configuration tab in CE UI. (For detailed steps, please refer to the bottom of this troubleshooting page.)

Configure Force Authentication

  1. Go to Settings > Users > SSO Configurations.
  2. If toggle is enabled, users will be forced to re-authenticate on every login of CE, even if they have a valid session.
Share this Doc

SSO Configuration

Or copy link

In this topic ...