Setting Up SSO Authentication

CONTENTS

Home

Logging in to bipp is quick and easy for your users when you set up Single Sign On (SSO) to manage your user authentication from a centralized location.

  • bipp supports Single Sign On (SSO) with external Identity Providers (IdP).
  • Authentication uses Security Assertion Markup Language (SAML) version 2.0.
  • bipp supports Identity Provider-initiated login. It is mandatory to initiate a Sign-in request from the Service Provider (bipp).
  • IdP should return the user’s full name, email address as a response to a successful SAML assertion.
  • Integrate SAML SSO with Active Directory Groups to use Active Directory for resource authorization.
  • New users logging into bipp via SSO and SAML are automatically added to the organization.
Configuring IdP registers bipp as a Service Provider. Contact the bipp Customer Success Team for more details.

Configuring SSO Authentication

You must have the Tenant Admin role to configure SAML SSO for your organization.
  1. Configure bipp as a Service Provider in your IdP. You need the IdP Metadata XML file as part of the bipp set up.

  2. Enable Development Mode.

  3. Click Settings in the Navigation pane.

  4. Click SSO.
    Navigation Pane

  5. Select your IdP from the IDP Name drop-down list. If your IdP is not listed, contact the bipp Customer Success Team. You can have one IdP per tenant.
    SSO IDP Name

  6. Paste the contents of your IdP metadata XML file into the Profile text box.
    SSO IDP Profile

  7. Click Create.

Once the profile is configured, the SSO Login option is available to your users on the bipp login screen.
SSO Login

Updating SSO Authentication

  1. Enable Development Mode.
  2. Click Settings in the Navigation pane.
  3. Click SSO.
  4. Change the IDP Name and/or Profile information.
  5. Click Update.

Deleting SSO Authentication

  1. Enable Development Mode.
  2. Click Settings in the Navigation pane.
  3. Click SSO.
  4. Click Delete.

SSO Authentication is shut off, and users no longer see the SSO Login option.