Enabling SSO authentication for Google ID
Sterling Store Engagement includes the Single-Sign On (SSO) for Google ID
authentication so that business users can use their Google account credentials to log in to the
application.
Before you begin
Note:
- The User ID or Login ID must not contain the @ character. If you are creating users by using the
Applications Manager, the User ID field must not contain the @ character and if you are creating
users by using the
createUserHierarchyAPI, theLoginidattribute must not contain the @ character. - Adding Google credentials to an existing user in IBM® Sterling Order Management System
does not
map the Sterling
Order Management System user with the Google user. For this purpose, you must delete
and recreate the user. You can delete the user from Sterling
Order Management System by using either
the Applications Manager UI or calling the
deleteUserHierarchyAPI.
Procedure
What to do next
Once the SSO is successfully set up, you can access the application by using your Google
credentials. For example, when you access
http://<IP_ADDRESS>:<PORT>/isf/store/index.html, you will be redirected to
the Google Login page. On successful login, the application home page is displayed.- If the Google user is not mapped to an IBM Sterling Order Management System user, the application Login screen is displayed and an appropriate error message with a link to Login with Google ID. (Any active Google session is logged out in the background)
- When you log out from the application, both the application and your Google sessions are logged out.
- Similarly, if you attempt an action on the application UI when the session is expired, the
application Login screen is displayed with a link to
Login with Google ID
. All the active Google sessions are logged out.
Notes:
- Even if users are actively working for 13 hours after logging in, the session expires so they need to re-login after 13 hours.