Creating a header-based SSO authentication integration
A header-based single sign-on (SSO) authentication realm uses an external server for authentication.
Note: Once the SSO setup is completed properly by the admin user and that user
logs out of Velocity,
there is a loss of admin access privileges because of the inability to log back in
as the admin. New users created via the SSO login only have the Viewer and Release
participant permissions by default and the admin cannot change the permissions as
stated previously. Possible solutions for this scenario include the following:
- Set the Measure server to allow direct access from specific IPs that will allow the admin to login.
- Create an SSO user with the Measure admin email address of
admin@admin.com. - Perform an SSO login with a different browser while the local Measure admin navigates to and grants full admin privileges to the SSO user.
As a guideline, Item 3 is the recommended method for preserving admin access privileges to Measure.
To delete a current SSO configuration after it was created, click the Delete Configuration button on the Settings page for SSO.