Single Sign-On¶
Single Sign-On (SSO) is an ease of access change implemented to give organisations more control over onboarding and offboarding their staff. Users with SSO enabled will enjoy a faster login to VettingGateway - depending on their log in choice, they will be able to login by entering just an email address, or nothing at all!
Note
Single Sign-On is only available to organisations using the Enterprise subscription of VettingGateway.
Enabling Single Sign-On¶
SSO is switched off by default, and will need to be enabled by an Administrator - but even then, you can still login using your email and password if you'd like.
Administrators do have the option to enforce SSO however. If this is done then all Users except the primary User must login using SSO.
Logging in with Single Sign-On¶
Once SSO has been configured and turned on for your organisation in VettingGateway, the next time you login you will see the 'Sign in with your corporate identity' option. Clicking this button will then prompt you to enter your email address, which will then log you in automatically, without needing to enter your password!
Users in your organisation who do not have an account in VettingGateway can also login using SSO without needing to create an account, as SSO will automatically create a User profile for them. This profile will be based on the information provided in Azure AD, and will be automatically assigned your Default User Role
Direct login¶
Once SSO has been configured and turned on for your organisation in VettingGateway, your Users will be able to directly login to VettingGateway by using the link provided in the Admin > User Management > Single Sign-On section.
Configuration/login issue¶
The Primary User in your VettingGateway organisation can always login using their email address and password.
You can check who your Primary User is by going to Admin > Role Management and clicking 'Edit' beside the Admin row. On this page, scroll down until you see the section titled 'Users assuming this role'. Underneath the section title, there will be a message advising that the Admin role for name cannot be removed because they are the Primary User for the organisation.
Administrative functions¶
Setting up Single Sign-On¶
Note
VettingGateway currently only supports Azure AD as an SSO authenticator. You may need your IT team to help set up SSO on Azure AD.
SSO must be configured and enabled by an Admin User.
Go to the Admin > User Management in the side menu, and scroll down until you see the 'Single Sign-On' section. Click 'Configure Single Sign-On', and then follow the on-screen instructions.
Disabling Single Sign-On¶
If you decide to disable SSO after configuring it, simply click the 'Disable Single Sign-On' button.
Note
Disabling this option would mean that SSO authentication is no longer a requirement to access your organisation.