Skip to main content
All CollectionsProject Administration
Single Sign-On (SSO) with OpenSpace
Single Sign-On (SSO) with OpenSpace
Updated over 2 months ago

Permissions

Task

Viewer

Editor

Site Admin

Org Admin

Set up SSO

Use SSO login

Prerequisites

To set up SSO, you must first contact your Account Executive with your request.

Overview

Single sign-on (SSO) is an identification method that enables users to log in to multiple applications and websites with one set of credentials. SSO streamlines the authentication process for users by either setting up OIDC or SAML. If enabled, SSO will allow each user to sign in to a central identity provider in order to access OpenSpace on web or mobile. OpenSpace supports SSO integration with the following:

  • OIDC - E.g.: Okta (preferred)

    • Note: An Okta tile must be configured using the SAML IDP initiated flow.

  • SAML 2.0 - E.g.: Azure

How to set up SSO with OpenSpace—OIDC

  1. After completing the request with your Account Executive, OpenSpace Support will be tasked with processing/setup.

  2. OpenSpace Support connects with your point of contact via email to provide the connection name and callback URL.

  3. Your IT team will complete the Okta application integration in your Okta environment.

  4. During creation of the OpenSpace tile in Okta, a Client ID and Client Secret code will be displayed to share with OpenSpace:

    • Copy this data into https://share.doppler.com/ and share the link. (Do not share this data in the email thread.)

    • Note: Under Allowed grant types, ensure Authorization Code is selected.

  5. After copying your data in step 4 please reply to the Support email with the following information:

    • Okta domain

    • List of email domain(s)

      • Note: these email domains should be ones your organization owns

    • Doppler link that contains the Client ID and Client Secret

    • Desired test-by date and go-live by date

      • Note: your go-live by date can be the same day as your test-by date, or later

  6. OpenSpace configures on the backend in preparation for testing.

  7. Testing day comes around with success and/or questions.

How to setup SSO with OpenSpace—SAML

  1. After completing the request with your Account Executive, OpenSpace Support will be tasked with processing/setup.

  2. OpenSpace Support connects with your point of contact via email to provide the connection name and post-back.

  3. Your IT team will then reply to that email with the below items:

    • X.509 signing certificate

    • List of email domain(s)

      • Note: these email domains should be ones your organization owns

    • SSO login URL for your identity provider

    • Name of the SAML attribute that will map to an email address

    • Do you want IdP-initiated turned on?

    • Desired test-by date and go-live by date

      • Note: your go-live by date can be the same day as your test-by date, or later

  4. OpenSpace configures on the backend in preparation for testing.

  5. Testing day comes around with success and/or questions.

FAQ

Can MFA be enabled through OpenSpace with SSO?

The experience would not be ideal for MFA to be enabled through OpenSpace, but your IT team can set that up via the SSO option on your backend.

If you have any additional questions please reach out to the OpenSpace Support team at support@openspace.ai.

Did this answer your question?