Single sign-on (SSO)
Single sign-on (SSO) authentication is a form of external authentication that allows users to forego the typical account creation process and log in to V‑Spark using their SSO identity provider (IDP). A single V‑Spark system can support multiple companies, and each company uses its own SSO configuration.
The following is a general workflow for configuring and using SSO with V‑Spark:
- Configure the IDP to communicate with V‑Spark. This requires the creation of a client application for V‑Spark on the IDP using the values specified in V‑Spark's
pref_portsystem configuration settings to create sign-in and sign-out redirect URIs. Refer to Configuring SSO for V‑Spark for more details.
- Configure the V‑Spark system to communicate with the IDP. This requires some information from the IDP configuration. Refer to Configuring SSO for V‑Spark for more details.
- Create a V‑Spark company with the Enable SSO option enabled. Refer to Create or modify a company and SSO-Enabled Companies for more details.
- Create, configure, and verify SSO-based user accounts. User accounts created with SSO must be verified and have their read and write permissions set by an administrator before they can be used.
SSO account creation, requesting, and verification follow most of the standard account maintenance procedures described in Create a user account. Refer to SSO-Enabled User Accounts for information about differences between standard and SSO-enabled user accounts.