Single sign-on (SSO) is an authentication method that lets users authenticate securely to multiple applications and websites with a single set of credentials. SSO relies on a trust relationship set up between the service provider and an identity provider, such as Okta. This trust relationship is often based upon a certificate that is exchanged between the identity provider and the service provider.
This certificate can be used to sign identity information that is being sent from the identity provider to the service provider so that the service provider knows it is coming from a trusted source. In SSO, this identity data takes the form of tokens which contain identifying bits of information about the users. Palette supports the following two types of SSO authentication mechanisms:
- SAML-based SSO
- OIDC-based SSO
- To set up identity provider (IdP) based SSO, sign in to the Palette console as the Tenant Admin.
- Access the Tenant Admin settings area by clicking the Admin button on the left panel.
- Choose the IdP from the Service dropdown menu, select Tenant Settings from the Tenant Admin menu, and then, under SSO, click SAML on the Palette console to view the SAML panel.
- Toggle the Enable SSO button to bring up the configuration boxes.
- The following parameters are then available for adding Palette as a Service Provider in the IdP:
  - NameId Format
  - Login URL
  - Service Provider Metadata
Using these parameters, add Palette as the Service Provider (SP) app in the IdP's configuration. More details specific to IdPs to follow.
The next step is to copy the Identity Provider Metadata from the IdP into the Palette SAML panel. Click Confirm to complete the setup.