Single sign-on
As a cloud application, Network requires that a customer’s IdP is accessible from the internet, either directly or through some kind of broker or gateway.
For example, Network can integrate with a customer’s internal Microsoft Active Directory (AD) implementation through a third-party identity management solution such as Okta™, Ping Identity™, or Symplified™.
SSO can be initiated by one of the following:
- Identity Provider (IdP): Service responsible for user authentication and authorization.
- Service Provider (SP): Application, such as Network, to which the IdP gives users access.
Note: User accounts with SSO enabled can no longer be accessed using their regular Network credentials.
Benefits of using SSO
- Users can access multiple secure applications without having to sign into each one separately.
- Administrators can see user names instead of just user types for monitoring Network activity.
- Users can be automatically created or inactivated.
SSO walkthrough
Use the following walkthrough to get a high-level look at the SSO configuration process.
Enabling this feature
The following tasks are required:
- Administrator
  - Add and configure a Network application on the identity provider's site.
    Example configurations:
  - Configure IdP details and map attributes in Network.
  - Create and assign a security policy for SSO users.
User activities
The following activities are available depending on the user type:
Activity | Standard User | Data Steward | Data Manager | Administrator |
---|---|---|---|---|
Configure SSO SAML settings | | | | |
Provision users | | | | |
Log in using SSO | | | | |