Overview
In addition to logging in with a user name and a password, it is also possible to log in via Single Sign-On (SSO).
If the property Enable Single-Sign-On of a user is enabled, the user can log in via SSO. The property can be found in the lower part of the user settings:
Location
Identity providers (IdPs) for the SSO users can be created and configured at Single-Sign-On settings tab of the System information page:
Configuring Single Sign-On
Please be aware that clicking the checkmark (see screenshot below) will write your changes to NG's configuration immediately:
Adding new record to the table requires following attributes:
Provider key - custom unique provider identifier
Display name - name displayed on login page
Issuer URL - URL of the provider endpoint
Client UD - ID as configured at the provider
Client secret - Secret as configured at the provider
Logging in with SSO
The display name of a configured identity provider will be shown on the login page. In our example: to log in via the IdP with the display name Microsoft click on LOG IN VIA MICROSOFT:
.png "image(71).png")
Each configured IdP will display a log-in button on the login page.
Logging in with credentials
If you want to log in with a username and a password, click instead "Log in with credentials". This will bring you to this screen:
.png "image(72).png")
Limitations
Please be aware that SSO users can neither edit nor create non-SSO users. This is forbidden on purpose. This way it is ensured that users who are no longer employees of the company (and are off-boarded at IdP side) don't keep access to NG and cannot find another way to decouple their accounts from the SSO.