What requirements are mandatory when implementing Single Sign On (SSO)?
Single Sign On (SSO)
The following steps are required when implementing SSO.
- Add fingerprint of signing certificate to configuration setting SAML_20_SIGN_CERTS. A fingerprint of 54:73:8B:60:42:1D:CF:0C:A4:A8:0E:46:F4:1E:00:D5:E2:10:76:0B should be modified to look like 54738B60421DCF0CA4A80E46F41E00D5E210760B.
Note: This information is only required for Customer Portal implemented with SSO and SSO not setup under "Single Sign On Configurations" in agent console. In addition, ANY-TRUSTED should only be used when setting up and testing SSO for the first time. Once it has been confirmed to be working, this value should be replaced with the fingerprint of the signing certificate.
- Upload signing certificate to File Manager under "Additional Root Certificates". If the signing certificate requires intermediate certificate(s) to be validated, those must be uploaded as well to File Manager under "Additional Root Certificates" or "Additional Intermediate Certificates".
For more information on checking if the signing certificate requires intermediate certificates, refer to answer Validating the signing certificate for SSO.