Skip to main content

Configure SAML (Single Sign-On) authentication on Josys

This article explains how to enhance Josys platform security with a step-by-step guide on configuring SAML authentication using trusted Identity Providers.

Note: Single Sign-On (SSO) can be configured only for IdPs supported by Josys. Currently, Josys supports Okta and OneLogin.

Prerequisites

Ensure you have administrative access to both Josys and your chosen Identity Provider (IdP).

Follow the steps below to enable SAML (Single Sign-On) authentication:

Step 1: Navigate to the Security tab on the side panel and select SSO (SAML authentication).

Step 2: To begin the configuration, click on Configure SSO.

Step 3: Copy the 'ACS URL' and 'Entity ID' from Josys

Step 4: Select your IdP from the IdP drop-down list.

Step 5: Follow the steps below to configure your IdP.

If you're using Okta:

  1. Access Okta's Admin dashboard and navigate to `Applications > Applications`.
  2. Select `Create App integration`.
  3. Choose `SAML 2.0` and proceed by clicking `Next`.
  4. Follow the SAML setup instructions available on the "Sign On" tab.
  5. Register the displayed items on the Josys platform.
  6. Once filled out, click `Registration` located on the Josys SSO Setup popup.
  7. Assign the appropriate users or groups in Okta to use SSO. Navigate to `Assignments`, select
  8. `Assign`, and choose the relevant people or groups.
  9. Finally, on Josys, click on `Authentication Test` to verify the setup.

If you're using OneLogin:

  1. Access the OneLogin Admin dashboard and select `Applications > Applications`.
  2. Click on `Add App`.
  3. Search for and select `SAML Custom Connector (Advanced)`.
  4. Set the desired `App Name` and save your settings.
  5. In the `Configuration` menu, update the necessary settings and save.
  6. Navigate to the `SSO` menu and adjust the `SAML Signature Algorithm` to `SHA-256`, then save.
  7. Register the settings displayed on the Josys platform.
  8. Once details are entered, click `Registration` on the Josys SSO Setup popup.
  9. In OneLogin, assign users for SSO. Navigate to `Users > Users`, select the relevant user, and assign the Josys app you previously created.
  10. Back in Josys, click `Authentication Test` to ensure everything is set up correctly.

Step 6: After successful configuration and testing, click Enable SSO to activate the SSO settings for your users.

Note: Ensure you review all settings and test the Single Sign-On functionality before rolling it out to all users.

Related articles