Managing single sign-on

Edit online

IBM® Envizi ESG Suite supports single sign-on (SSO) by using SAML 2.0.

Your system administrator can set up SSO in Envizi ESG Suite for your organization. If the SSO option is not visible in the Admin menu, contact IBM Support. To set up SSO, you must collaborate with your IT department to provide them with the service provider (SP) metadata for input to your organization's IdP application. Your organization must then provide IdP metadata or a URL, which is uploaded to Envizi ESG Suite to complete the setup.

When the single sign-on setup process is complete and is enabled for your organizations, the Logon Method is set to single sign-on by default for all users. To change this setting for a specific user so that they need to login as a non single sign-on user by entering a username and password, select Set as Non-SSO from the Actions menu in the Contacts & Logins grids.

The Contacts & Logins grid shows which logon method is assigned to each user, either SSO or Non SSO.

For information about using SSO to authenticate users in a sandbox environment, see the related link.

Key steps to enable single sign-on in Envizi ESG Suite

  1. Review the prerequisites.
  2. Configure SSO settings in Envizi ESG Suite and download a service provider (SP) metadata file in XML format.
  3. Set up SSO in your identity provider (IdP) application, for example, Okta or Microsoft Azure, by uploading the metadata XML file from Envizi ESG Suite. Typically, your IT department does this step.
  4. Generate either an IdP metadata file in XML format or preferably, a URL from your identity provider application. The IdP metadata file contains the certificate and other required SSO registration information that Envizi ESG Suite requires.
  5. On the SSO Settings page, either upload the IdP metadata file into Envizi ESG Suite, or configure the IdP URL.
  6. Do a test to verify that the SSO configuration has been set up successfully between Envizi ESG Suite and your IdP application. For more information about how to test the SSO configuration in Envizi ESG Suite, see Testing single sign-on configuration.
  7. Enable SSO in the Envizi ESG Suite SSO settings page.