Setting Up SSO Authentication
Logging in to bipp is quick and easy for your users when you set up Single Sign On (SSO) to manage your user authentication from a centralized location.
- bipp supports Single Sign On (SSO) with external Identity Providers (IdP).
- Authentication uses Security Assertion Markup Language (SAML) version 2.0.
- bipp supports Identity Provider-initiated login. It is mandatory to initiate a Sign-in request from the Service Provider (bipp).
- IdP should return the user’s full name, email address as a response to a successful SAML assertion.
- Integrate SAML SSO with Active Directory Groups to use Active Directory for resource authorization.
- New users logging into bipp via SSO and SAML are automatically added to the organization.
Configuring IdP registers bipp as a Service Provider. Contact the bipp Customer Success Team for more details.
Configuring SSO Authentication
You must have the Tenant Admin role to configure SAML SSO for your organization.
-
Configure bipp as a Service Provider in your IdP. You need the IdP Metadata XML file as part of the bipp set up.
-
Enable Development Mode.
-
Click Settings in the Navigation pane.
-
Click SSO.
-
Select your IdP from the IDP Name drop-down list. If your IdP is not listed, contact the bipp Customer Success Team. You can have one IdP per tenant.
-
Paste the contents of your IdP metadata XML file into the Profile text box.
-
Click Create.
Once the profile is configured, the SSO Login option is available to your users on the bipp login screen.
Updating SSO Authentication
- Enable Development Mode.
- Click Settings in the Navigation pane.
- Click SSO.
- Change the IDP Name and/or Profile information.
- Click Update.
Deleting SSO Authentication
- Enable Development Mode.
- Click Settings in the Navigation pane.
- Click SSO.
- Click Delete.
SSO Authentication is shut off, and users no longer see the SSO Login option.
