Single Sign On (SSO) Integration with Yonyx
Yonyx Platform supports Single Sign On (SSO) Integration through SAML2.0 (Security Assertion Markup Language) protocol. SAML2.0 is an XML-based open standard data format for exchanging authentication and authorization data between an Identity provider and a Service provider. This enables you to control creation and termination of users through your existing user database/identity provider. Please click here to learn more about SAML protocol.
Used by almost all Cloud apps (including the likes of Salesforce.com) for enabling SSO with your Active Directory or LDAP authentication, SAML2.0 based integration involves setting up a trusted relationship between your organization and Yonyx. In this relationship, your organization is setup to be a SAML Identity Provider, while each Line of Business under your Yonyx sub-domain is configured as a SAML Service Provider. To learn how to setup your organization as a SAML Identity Provider (Idp) – please click here.
We need the following technical information to setup SAML2.0 based integration with your organization:
- Token signing certificate: An X.509 certificate in PEM(.crt) format – e.g.
……………… AND MANY LINES LIKE THAT ………………..
- SAML login URL: The IDP URL where Yonyx will submit SAMLRequests e.g. https://sso.yourcompany.com/adfs/ls/
This is what your team will need to set up Yonyx as a Service Provider:
- SAML Meta Data URL: The URL you (IDP) will look up for Service Provider meta data.
- SAML Consumer URL: The URL where you (IDP) will submit SAMLResponses
- SAML Logout URL: The URL used by you (IDP) to log the user out of Yonyx
After logging into http://www.yonyx.com as a Yonyx Admin, choose the Administration Console drop-down, then choose the Line of Business you want to integrate with, and choose any catalog. You will find the URLs you need above here:
Once configured, SAML based integration not only saves time for each User from having to register with Yonyx, but also serves as a way to give access to Yonyx Interactive Guides to authorized users who are authenticated by your organization!