ConfigurationSSO

Configuring SSO Overview

Overview

Fynapse uses an internal OAuth2 authentication service. Moreover, Fynapse allows the use of an external Identity Provider for a Single Sign On that supports the OpenID Connect protocol.

The following Identity Providers can be used:

  • Azure AD
  • Okta

Additionally, we can provide support for: PingFederate and OneLogin.

Two-factor authentication is supported for users not using Single Sign On authentication.

Single Sign On Setup

We can enable Single Sign-On with OpenID Connect on a selected instance upon your request.

To request SSO to be enabled first you need to set up SSO in your Identity Provider either for Azure or Okta. Once that is done, you then need to raise a ticket with the Aptitude Software Support and provide the following information:

  • The user with who was assigned the Fynapse Security Administrator role in Fynapse
  • OpenID Connect metadata document URL, i.e. Well-known Configuration URL
  • Client ID

    For Azure this is the Application ID.

  • *Encryption password (optional step, required only if credentials are sent in an encrypted attachment)
    The encryption password is only required when you need to send us the “Client secret“ in a secure way, i.e. as an encrypted attachment to an email sent to your Solution Consultant. Then we can open the attachment from the email using the encryption password provided in the ticket.

We will enable the SSO and let you know in your ASD ticket.