.. _sso-users-and-login: SSO users and login ------------------- .. _19.3.4-PB5|EKB-8995: .. _21.1|EKB-8995: Overview .......... When creating a system user using Single Sign-On (SSO) authorization, the SSO Identity Provider (IdP) must be specified, and the SSO username. Login URL .......... SSO users log in at these URLs, which point to the IdP for SSO authentication with VOSS Automate, and eventual redirect to the relevant interface: * SSO log in URL: ``{{"https://{host name}/sso/{Login URI}/login}}"`` Example: ``https://host.Agency1.CustomerA.com/sso/CustomerA/Agency1/login`` .. note:: This URL format also applies to self-service users. * Admin role log in URL: ``{{https://{host name}/admin/sso/{Login URI}/login}}`` This URL is specific to the admin role. It points to the IdP for SSO authentication, and redirects to the admin portal: ``{{https://{host name}/admin/sso/{Login URI}/login}}`` .. note:: SSO URLs redirect to the default ``admin`` portal, with endpoint: ``/portal/``. See also the section on SSO Users at: :ref:`log-in-to-admin-portal`. IdP(SSO) credentials ..................... Log in using the relevant SSO identity provider (IdP) credentials. .. _sso-scenarios-for-user-roles: SSO scenarios for user roles ...................................... The table maps user roles to the log in URLs - single role or multiple role (includes Authorized Admin Hierarchy): .. tabularcolumns:: |p{2cm}|p{1cm}|p{9cm}|p{2cm}|p{2cm}| ============== =========== ======================================================= ========================= ========================== User Role Auth Admin? URL used UI (Session Limiting) Expected Behavior ============== =========== ======================================================= ========================= ========================== selfservice Yes https:///sso//login administrator Redirect to Self-service selfservice Yes https:///admin/sso//login administrator Redirect to Admin Portal selfservice No https:///sso//login selfservice Redirect to Self-service administration Yes https:///sso//login administrator Redirect to Admin Portal administration Yes https:///admin/sso//login administrator Redirect to Admin Portal administration No https:///sso//login administrator Redirect to Admin Portal administration No https:///admin/sso//login administrator Redirect to Admin Portal ============== =========== ======================================================= ========================= ========================== Administrators set up with SSO but who have multiple user roles and who wish to access the *Self-service* interface must navigate to the Self-service portal URL upon login: :: https:///selfservice/#/