What is Single Sign-On?
Single Sign-On is the ability to sign into different applications using a single username and password. This feature provides your users with easy access to Audit Manager, without needing any additional on-site components.
Note: Single Sign-On is considered an add-on service and may not be included in your subscription plan. Please reach out to your Healthicity Account Manager to verify if you have added this service to your contract.
What systems can Healthicity connect with?
Healthicity can work with a number of different SSO providers. We support any SSO Provider that uses SAML, including but not limited to: ADFS, OneLogin, Google SAML, Microsoft Azure, or Okta.
What are the benefits of Single Sign-On?
Creates an Enhanced User Experience.
- Users are automatically signed into the application.
- Users do not have to repeatedly enter their passwords.
Setup is Easy to Deploy and Administer.
- No additional components needed on-premises to make this work.
- Works with any method of cloud authentication.
Directions for Enabling SSO:
A. If you are using ADFS or Google SAML:
- Idp_sso_target_url - The URL to which the authentication request should be sent. This would be on the identity provider, for example: https://adfs.example.com/adfs/ls/
- Idp_slo_target_url - Identity provider logout URL, for example: https://adfs.example.com/adfs/ls/?wa=wsignout1.0”
- Idp_cert_fingerprint - The certificate fingerprint, for example: “90:cc:16:f0:8D:a6:D1:c6:BB:27:2D:ba:93:80:1A:1f:16:8e:4E:08”. This is provided by the identity provider when setting up the relationship.
- Idp_certificate - Certificate in PEM format.
- Email address of logged-in user as name ID.
B. If you are using OneLogin or Okta:
- Idp_sso_target_url - The URL to which the authentication request should be sent. This would be on the identity provider, for example: https://CLIENTNAME.onelogin.com/ for OneLogin and https://CLIENTNAME.oktapreview.com/app/xxx_healthicity_1/1234/sso/saml for Okta
- Idp_cert_fingerprint - The certificate fingerprint, for example: “90:cc:16:f0:8D:a6:D1:c6:BB:27:2D:ba:93:80:1A:1f:16:8e:4E:08”. This is provided by the identity provider when setting up the relationship.
- Idp_certificate - Certificate in PEM format.
- Idp Entity ID – Entity ID of Healthicity app. For example, 123 is the entity ID in these URLs: https://app.onelogin.com/saml/metadata/123 for OneLogin and http://www.okta.com/123 for Okta.
- Email address of logged-in user as name ID.
Working With Healthicity
You will need the following information from Healthicity for testing to begin:
- Relying Party Identifier: https://CLIENTSUBDOMAIN.uat.auditmanager.healthicity.com
- SAML Consumer Endpoint: https://CLIENTSUBDOMAIN.uat.auditmanager.healthicity.com/saml/consume
Once Healthicity is ready to begin testing, you will need to provide a test user within your system. You will need to send them their username, email address, and password. Healthicity will use those credentials to test the Single Sign-On connectivity. Once the test credentials lead to a successful login, Healthicity will provide the details for integrating with the production environment, and the exercise will be repeated in the production environment. Once a successful login has been verified, the Single Sign-On setup will be complete.
If you have any questions, please feel free to reach out to us at support@healthicity.com, and we can provide assistance.
Comments
0 comments
Please sign in to leave a comment.