Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated the digi-accordion macro with the following parameter(s): []


Panel
borderColor#72B0DE
bgColor#72B0DE#F0F0F0


Digi accordionexpand
titleGeneral

About SummitAI IT Management Suite

Signing In

Describing the User Interface

Alerts and Approvals

Viewing and Updating Your Profile Details

Global Search

Personalizing Pages

Forgot Password

Logging Out

Delegating Role

Signing In As Another User

Switching Tenant

Searching Users

Help File Conventions


true
Digi accordionexpand
titleConcepts

Document Repository

Global Tenant

Multi-tenancy

Concurrent License Allocation

Digi accordion
expanded


Expand
titleAdministrators


Expand
titleBasic


Expand
titleUsers

Adding Users

Viewing User List

Configuring Role Templates

Role Template Menu Configuration_GM

Role Template Other Configuration

Configuring Custom Tabs

Resigned Approver List

Viewing Switch User List

Configuring Switch User

Importing User Details Using Excel_General

Importing User Details from DB_General

Importing Active Directory User Details_General


Expand
titleInfrastructure


Expand
titleTheme Configuration

Configuring Themes

Previewing and Editing Themes


Expand
titleSSO Configuration

27558372SSO Configuration Wizard Gen

SSO Configurations: Forms Gen

SSO Configuration : SAML Gen

SSO ConfigurationsConfiguration: Forms OAuth Gen

SSO Configurations: Proxy Gen


Expand
titleForm Builder

Form Builder

Custom Fields

Configuring Custom Fields for Customers

Configuring Custom Fields for Users


Expand
titleCommon Masters

Configuring Common Master Types

Configuring Common Masters

Configuring Geographic Location


Expand
titleWidgets

Configuring Widgets

Configuring Widget Tabs

Configuring Widget Reports

Configuring Widget Report Access


Expand
titleExport/Import

Importing Configurations by Template

Exporting Configurations by File

Importing Configurations by File

Configuring Tenant

Configuring Domain

Configuring Dashboards

Configuring Application Settings

Importing Master Template

Configuring Analysts

Mapping Language Translation

Configuring Workgroups

Report Builder

Configuring Custom Scheduler

Archiving Data

Configuring Periodic Survey

Configuring Simple Mail Transfer Protocol (SMTP)

Configuring Web Services

External Web Service Mapping

Proxy View

Viewing Proxy Server Details

Configuring VLAN

Mapping VLAN to Proxy

Configuring Digital Signature

Configuring ServiceNow


Expand
titleWorkflow

Configuring SR Approval Workflow

Configuring CR Approval Workflow


Expand
titleCustomers

Adding Customers

Viewing Customer List

Configuring Customer SLA Matrix

Configuring Custom Tabs for Customers


Expand
titleVendors

Adding Vendors

Viewing Vendor List



Expand
titleAdvanced


Expand
titleDiscovery and Monitoring

Configuring Vendor MIBs

Discovery Configuration

Configuring Monitoring Accounts

Configuring Scripts

Configuring Scripts Based Monitoring

Configuring SNMP MIB

Configuring SNMP Based Monitoring


Expand
titleDocuments

Configuring Standard Operating Procedures

Viewing Documents

Uploading Documents


Expand
titleNotifications

E-mail Parsing

Configuring Mailbox

Configuring Notification Parser

Configuring Notification Templates

Configuring SMS Gateway

Configuring Voice Call Gateway

Configuring Bulletins

Configuring Alerts

Adding Master Configuration

Configuring Conference Call

Configuring Push Notifications


Expand
titleCompliance

Configuring Compliance Profiles

Allocating Compliance Profiles

Agent Contact Information

Viewing Modifying Profile Configuration


Expand
titleProductivity

Configuring Skills Gen

Configuring Skill Category

Configuring Core Competency

Adding Holidays

Expand
titleShift Management

Configuring Shifts

Allocating Shifts

Viewing Shift Roster Gen


Expand
titleEscalations

Configuring Auto Escalations

Configuring Manual Escalations



Expand
titleLicense

License Usage

License Acceptance

License Monitoring

Allocating Concurrent License


Expand
titleGDPR

GDPR

Configuring GDPR

Guide Me


Expand
titlePassword Management

Password Management

Configuring Administrator

Configuring Security Questions

Mapping Security Questions

Configuring Keyword Message

Managing User Account

Configuring Password Expiry

Status Details Report

User Registration Details Report

Configuring Password Expiry

Password E-mail Audit Log

Creating AD Property



Digi accordionexpand
titleReports and Dashboards

Viewing Reports

Creating New BI Report

Creating New BI Dashboard

Discovery Scan Error Report

Summit Audit Log for Login Accounts

SUMMIT Configuration Audit Report

Survey Report

License Trend Report

GDPR Status Report


Digi accordionexpand
titleOthers

Tenant Department Customer

Configuring Auto Escalation for Incident By SLA

Configuring Auto Escalation for Incident By Time

Configuring Auto Escalation for SR by Time

Configuring Auto Escalation for SR by SLA

Configuring Mailbox

Proxy View

Configuring Vendor MIBs

Summit Audit Log for Login Accounts Gen

Scripting


Scroll export button
scopecurrent
template-idc9a14909-8f27-452d-bca0-164bee1a9265
captionDownload this Page
add-onScroll PDF Exporter

OAuth is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords.

Using OAuth you can enable Single Sign Ons for the following portals:

Expand
titleOffice 365

To enable Single Sign on for Office 365 from SummitAI, the following configuration should be done in Office 365 portal.

Expand
titleFor Web Application


Expand
titlePrerequisites to be performed in Office 365
  1. Log into Office 365 using https://apps.dev.microsoft.com/.

    Office 365 Login Screen
    Figure: Office 365 Login Screen

  2. Enter your Office 365 credentials and login to the portal. My Applications page is displayed.

    My Applications page
    Figure: My Applications page

    Note
    titleNote:

    Under Converged Applications you can configure both Office 365 and Azure. Under Azure AD only Applications you can configure only Azure.


  3. Click Add an app under Converged Applications. Register your application pop-up page is displayed.

    Register your Application pop-up page
    Figure: Register your Application pop-up page

  4. Specify a name for the application and click Create. The Application ID is displayed.

    Office 365 Page
    Figure: Office 365 Page

    Note
    titleNote:

    The Application ID displayed here is the Client ID to be used in SummitAI application.


  5. Click Generate New Password. A New password is generated and displayed in the Pop-up page. This is the only time the password is displayed. Store it securely.

    New Password generated pop-up page
    Figure: New Password generated pop-up page

    Note
    titleNote:

    The Password generated here is the Client Secret Key in SummitAI application. 


  6. Click Add Platform under the Platforms section. The Add Platform pop-up page is displayed.

    Add Platform Pop-up page
    Figure: Add Platform Pop-up page

  7. On the Add Platform pop-up page, select Web.
  8. Specify the Redirect URL. This URL is your SummitAI Web Application login URL. (Eg: https://baseurl/SUMMIT_SAMLResponse.aspx).

    Note
    titleNote
    • The Redirect URL you provide here should be entered in the Redirect URL field in SummitAI application.
    • The Delegated Permissions (user.read) displayed in the Microsoft Graph Permissions section should be entered in the Scope field of SummitAI application.

    Microsoft Graph Permissions section
    Figure: Microsoft Graph Permissions section

  9. Click SAVE after all the above actions are performed.

    Office 365 page
    Figure: Office 365 page


Expand
titleConfiguration in SummitAI Application

To Configure SSO for Office 365 from SummitAI:

  1. Select Admin > Basic > Infrastructure > SSO Configuration. The SSO CONFIGURATION page is displayed.
  2. On the SSO CONFIGURATION page, select OAuth under the Authentication Type and click ADD NEW on the ACTIONS Panel.


    Figure: SSO Configuration: OAuth_Office 365


  3. Specify the required details and click SUBMIT. For more details about the fields on the SSO CONFIGURATION page, see Field Description.

Field Description

The following table describes the fields on the SSO CONFIGURATION page:

Fields

Description

Domain

Select the domain name from the list. The OAuth based authentication will be configured for the selected domain.
Note: This field is not visible for single domain users.

URL

Specify the Mobile Web Service URL. Example: https://baseurl/mobilews

Grant Type

Select the Grant Type as Authorization Code from the drop-down list.

Authorization URL

Specify the following Authorization URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize

Access Token URL

Specify the following Access Token URL: https://login.microsoftonline.com/common/oauth2/v2.0/token

Client ID

Specify the Client ID. This is the Application ID from Office 365 portal. Refer to Prerequisites section for more information about this field.

Client Secret Key

Specify the Client Secret Key. This is the Password generated from Office 365 portal. Refer to Prerequisites section for more information about this field.

User Information URL

Specify the following User Information URL:
https://graph.microsoft.com/v1.0/me

Redirect URL

Specify the Redirect URL. This is the same URL you have specified in the Redirect URL field of Office 365 portal. Eg: https://baseurl/SUMMIT_SAMLResponse.aspx

ACS URL

Specify the ACS URL.

Include ACS URL

If selected, the ACS URL is included.

Scope

Specify the Scope as user.read. This is from the Delegated Permissions section of Office 365 portal.

Response Attribute

Specify the Response Attribute as mail.

User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using OAuth authentication method.
Time Zone

Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.
Note: This field is displayed only when the User Creation checkbox is enabled.

Template Name

Select the role template from the list. The selected role template will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Logo

Upload a logo. The uploaded logo is displayed on the Login Screen. The logo image width should be less than 300px and height should be less than 48px. Supported Image formats are .gif, .jpeg, .jpg, .png, .bmp.




Expand
titleFor Mobile


Expand
titlePrerequisites to be performed in Office 365
  1. Log into Office 365 using https://apps.dev.microsoft.com/.
    Office 365 Login Screen
    Figure: Office 365 Login Screen

  2. Enter your Office 365 credentials and login to the portal. My Applications page is displayed.

    My Applications page
    Figure: My Applications page

    Note
    titleNote:

    Under Converged Applications you can configure both Office 365 and Azure. Under Azure AD only Applications you can configure only Azure.


  3. Click Add an app under Converged Applications. Register your application pop-up page is displayed.

    Register your Application pop-up page
    Figure: Register your Application pop-up page

  4. Specify a name for the application and click Create. The Application ID is displayed.

    Office 365 Page
    Figure: Office 365 Page

    Note
    titleNote:

    The Application ID displayed here is the Client ID to be used in SummitAI application.


  5. Click Generate New Password. A New password is generated and displayed in the Pop-up page. This is the only time the password is displayed. Store it securely.


    Figure: New Password generated pop-up page

    Note
    titleNote:

    The Password generated here is the Client Secret Key in SummitAI application. 


  6. Click Add Platform under the Platforms section. The Add Platform pop-up page is displayed.

    Add Platform Pop-up page
    Figure: Add Platform Pop-up page

  7. On the Add Platform pop-up page, select Web.
  8. Specify the Redirect URL. This URL is your SummitAI Web Application login URL. (Eg: https://baseurl/SUMMIT_Weblogin.aspx).

    Note
    titleNote:
    • The Redirect URL you provide here should be entered in the Redirect URL field in SummitAI application.
    • The Delegated Permissions (user.read) displayed in the Microsoft Graph Permissions section should be entered in the Scope field of SummitAI application.

    Microsoft Graph Permissions section
    Figure: Microsoft Graph Permissions section

  9. Click SAVE after all the above actions are performed.

    Office 365 page
    Figure: Office 365 page


Expand
titleConfiguration in SummitAI Application

To Configure SSO for Office 365 from SummitAI:

  1. Select Admin > Basic > Infrastructure > SSO Configuration. The SSO CONFIGURATION page is displayed.
  2. On the SSO CONFIGURATION page, select OAuth under the Authentication Type and click ADD NEW on the ACTIONS Panel.


    Figure: SSO Configuration: OAuth_Office 365

  3. Specify the required details and click SUBMIT. For more details about the fields on the SSO CONFIGURATION page, see Field Description.

Field Description

The following table describes the fields on the SSO CONFIGURATION page:

Fields

Description

DomainSelect the domain name from the list. The OAuth based authentication will be configured for the selected domain.
Note: This field is not visible for single domain users.

URL

Specify the Mobile Web Service URL. Example: https://baseurl/mobilews

Grant Type

Select the Grant Type as Authorization Code from the drop-down list.

Authorization URL

Specify the following Authorization URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize

Access Token URL

Specify the following Access Token URL: https://login.microsoftonline.com/common/oauth2/v2.0/token

Client ID

Specify the Client ID. This is the Application ID from Office 365 portal. Refer to Prerequisites section for more information about this field.

Client Secret Key

Specify the Client Secret Key. This is the Password generated from Office 365 portal. Refer to Prerequisites section for more information about this field.

User Information URL

Specify the following User Information URL:
https://graph.microsoft.com/v1.0/me

Redirect URL

Specify the Redirect URL. This is the same URL you have specified in the Redirect URL field of Office 365 portal. Eg: https://baseurl/SUMMIT_SAMLResponse.aspx

ACS URL

Specify the ACS URL.

Include ACS URL

If selected, the ACS URL is included.

Scope

Specify the Scope as user.read. This is from the Delegated Permissions section of Office 365 portal.

Response Attribute

Specify the Response Attribute as mail.

User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using OAuth authentication method.
Time Zone

Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.
Note: This field is displayed only when the User Creation checkbox is enabled.

Template Name

Select the role template from the list. The selected role template will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Logo

Upload a logo. The uploaded logo is displayed on the Login Screen. The logo image width should be less than 300px and height should be less than 48px. Supported Image formats are .gif, .jpeg, .jpg, .png, .bmp.





Expand
titleAzure

To enable Single Sign on for Azure from SummitAI, the following configuration should be done in Azure portal.

Expand
titleFor Web Application


Expand
titlePrerequisites to be performed in Azure portal

Prerequisites to be performed in Azure Portal:

  1. Go to https://portal.azure.com. The login page is displayed.
  2. Login to the application with valid Azure credentials.
  3. On the menu, click Azure Active Directory, and then click App Registrations.

    Azure Active Directory Menu
    Figure: Azure Active Directory Menu

  4. Click New App Registration

    New Application Registration Menu
    Figure: New Application Registration Menu

  5. Specify the Name, Application Type, and Sign-on URL. Click Create.

    Creating Application
    Figure: Creating Application


  6. The application is created and displayed in the list. Click the newly created application.

    Application Pop-up
    Figure: Application Pop-up

    Note
    titleNote:

    The Application ID displayed here is the Client ID to be specified in SummitAI application.


  7. Click Settings and then click Reply URLs. The Reply URL mentioned here is the Redirect URL to be entered in the SummitAI application.

    Reply URLs
    Figure: Reply URLs


  8. Click Required Permissions and then click ADD.

    Required Permissions Menu
    Figure: Required Permissions Menu


  9. Click Select an API, and then select Microsoft Graph.

    Selecting APIx
    Figure: Selecting API


  10. Click Select Permissions and select Send mail as a user, Sign in and read user profile under Delegate Permissions section, and click Done.

    Select Permissions Menu
    Figure: Select Permissions Menu


  11. Select Keys and specify the required information. Click Save.


    Figure: Keys Section

  12. The Password is displayed. This is the only time you will be able to see it. Store it securely.

    Password
    Figure: Password

    Note
    titleNote:

    The Password displayed here is the Client Secret Key in SummitAI application.



Expand
titleConfiguration in SummitAI Application

To Configure SSO for Azure from SummitAI:

  1. Select Admin > Basic > Infrastructure > SSO Configuration. The SSO CONFIGURATION page is displayed.
  2. On the SSO CONFIGURATION page, select OAuth under the Authentication Type and click ADD NEW on the ACTIONS Panel.


    Figure: SSO Configuration: OAuth_Azure

  3. Specify the required details and click SUBMIT. For more details about the fields on the SSO CONFIGURATION page, see Field Description.

Field Description

The following table describes the fields on the SSO CONFIGURATION page:

Fields

Description

DomainSelect the domain name from the list. The Azure OAuth based authentication will be configured for the selected domain.
Note: This field is not visible for single domain users.

URL

Specify the Mobile Web Service URL. Example: https://baseurl/mobilews

Grant Type

Select the Grant Type as Authorization Code from the drop-down list.

Authorization URL

Specify the following Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Access Token URL

Specify the following Access Token URL:
https://graph.microsoft.com

Client ID

Specify the Client ID. This is the Application ID from Azure portal. Refer to Prerequisites section for more information about this field.

Client Secret Key

Specify the Client Secret Key. This is the Password generated from Azure portal. Refer to Prerequisites section for more information about this field.

User Information URL

Specify the following User Information URL:
https://graph.microsoft.com/v1.0/me

Redirect URL

Specify the Redirect URL. This is the same URL you have specified in the Redirect URL field of Azure portal. Eg: https://baseurl/SUMMIT_SAMLResponse.aspx

ACS URL

Specify the ACS URL.

Include ACS URL

If selected, the ACS URL is included.

Scope

Specify the Scope as user.read

Response Attribute

Specify the Response Attribute as userPrincipalName.

Note
titleNote:

When the Response Attribute field is configured as userPrincipleName and Azure is returning the username as an Email ID then you must configure the key <add key="ConfigureOAuthLoginType" value="W" /> in the Web.Config file. 


User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using Azure OAuth authentication method.
Time Zone

Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Template Name

Select the role template from the list. The selected role template will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Logo

Upload a logo. The uploaded logo is displayed on the Login Screen. The logo image width should be less than 300px and height should be less than 48px. Supported Image formats are .gif, .jpeg, .jpg, .png, .bmp.




Expand
titleFor Mobile


Expand
titlePrerequisites to be performed in Azure portal

Prerequisites to be performed in Azure Portal:

  1. Go to https://portal.azure.com. The login page is displayed.
  2. Login to the application with valid Azure credentials.
  3. On the menu, click Azure Active Directory, then click App Registrations.

    Azure Active Directory Menu
    Figure: Azure Active Directory Menu

  4. Click New App Registration.

    New Application Registration Menu
    Figure: New Application Registration Menu


  5. Specify the Name, Application Type, and Sign-on URL. Click Create.

    Creating Application
    Figure: Creating Application


  6. The application is created and displayed in the list. Click the newly created application.


    Figure: Application Pop-up 

    Note
    titleNote:

    The Application ID displayed here is the Client ID to be specified in SummitAI application.


  7. Click Settings and then click Reply URLs. The Reply URL mentioned here is the Redirect URL in SummitAI application.

    Reply URLs
    Figure: Reply URLs


  8. Click Required Permissions and then click ADD.

    Required Permissions Menu
    Figure: Required Permissions Menu


  9. Click Select an API and then select Microsoft Graph.

    Selecting API
    Figure: Selecting API

  10. Click Select Permissions and select Send mail as a user, Sign in and read user profile under Delegate Permissions section. click Done after selecting.

    Select Permissions Menu
    Figure: Select Permissions Menu


  11. Select Keys and specify the required information. Click Save.

    Keys section
    Figure: Keys section

  12. The Password is displayed. This is the only time you will be able to see it. Store it securely.

    Password
    Figure: Password

    Note
    titleNote:

    The Password displayed here is the Client Secret Key in SummitAI application.



OR

Expand
titlePrerequisites to be performed in Office 365
  1. Log into Office 365 using https://apps.dev.microsoft.com/.

    Office 365 Login Screen
    Figure: Office 365 Login Screen

  2. Enter your Office 365 credentials and login to the portal. My Applications page is displayed.

    My Applications page
    Figure: My Applications page

    Note
    titleNote:

    Under Converged Applications you can configure both Office 365 and Azure. Under Azure AD only Applications you can configure only Azure.


  3. Click Add an app under Converged ApplicationsRegister your application pop-up page is displayed.

    Register your Application pop-up page
    Figure: Register your Application pop-up page

  4. Specify a name for the application and click Create. The Application ID is displayed.

    Office 365 Page
    Figure: Office 365 Page

    Note
    titleNote:

    The Application ID displayed here is the Client ID to be used in SummitAI application.


  5. Click Generate New Password. A New password is generated and displayed in the Pop-up page. This is the only time the password is displayed. Store it securely.

    New Password generated pop-up page
    Figure: New Password generated pop-up page

    Note
    titleNote:

    The Password generated here is the Client Secret Key in SummitAI application. 


  6. Click Add Platform under the Platforms section. The Add Platform pop-up page is displayed.

    Add Platform Pop-up page
    Figure: Add Platform Pop-up page

  7. On the Add Platform pop-up page, select Web.
  8. Specify the Redirect URL. This URL is your SummitAI Web Application login URL. (Eg: https://baseurl/SUMMIT_Weblogin.aspx).

    Note
    titleNote
    • The Redirect URL you provide here should be entered in the Redirect URL field in SummitAI application.
    • The Delegated Permissions (user.read) displayed in the Microsoft Graph Permissions section should be entered in the Scope field of SummitAI application.

    Microsoft Graph Permissions section
    Figure: Microsoft Graph Permissions section

  9. Click SAVE after all the above actions are performed.

    Office 365 page
    Figure: Office 365 page


Expand
titleConfiguration in SummitAI Application

To Configure SSO for Azure from SummitAI:

  1. Select Admin > Basic > Infrastructure > SSO Configuration. The SSO CONFIGURATION page is displayed.
  2. On the SSO CONFIGURATION page, select OAuth under the Authentication Type and click ADD NEW on the ACTIONS Panel.


    Figure: SSO Configuration: OAuth_Azure

  3. Specify the required details and click SUBMIT. For more details about the fields on the SSO CONFIGURATION page, see Field Description.

Field Description

The following table describes the fields on the SSO CONFIGURATION page:

Fields

Description

Domain

Select the domain name from the list. The Azure OAuth based authentication will be configured for the selected domain.
Note: This field is not visible for single domain users.

URL

Specify the Mobile Web Service URL. Example: https://baseurl/mobilews

Grant Type

Select the Grant Type as Authorization Code from the drop-down list.

Authorization URL

Specify the following Authorization URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize (If Configured from Office 365)
https://login.microsoftonline.com/[tenant]/oauth2/v2.0/authorize (If Configured from Azure)

Access Token URL

Specify the following Access Token URL: https://login.microsoftonline.com/common/oauth2/v2.0/token (If Configured from Office 365)
https://login.microsoftonline.com/[tenant]/oauth2/v2.0/token (If Configured from Azure)

Client ID

Specify the Client ID. This is the Application ID from Azure portal. Refer to Prerequisites section for more information about this field.

Client Secret Key

Specify the Client Secret Key. This is the Password generated from Azure portal. Refer to Prerequisites section for more information about this field.

User Information URL

Specify the following User Information URL:
https://graph.microsoft.com/v1.0/me

Redirect URL

Specify the Redirect URL. This is the same URL you have specified in the Redirect URL field of Azure portal. Eg: https://baseurl/SUMMIT_Weblogin.aspx

ACS URL

Specify the ACS URL.

Include ACS URL

If selected, the ACS URL is included.

Scope

Specify the Scope as user.read

Response Attribute

Specify the Response Attribute as userPrincipalName .

User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using Azure OAuth authentication method.
Time Zone

Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Template Name

Select the role template from the list. The selected role template will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Logo

Upload a logo. The uploaded logo is displayed on the Login Screen. The logo image width should be less than 300px and height should be less than 48px. Supported Image formats are .gif, .jpeg, .jpg, .png, .bmp.





Expand
titleFacebook

To enable Single Sign on for Facebook from SummitAI, the following configuration should be done in Facebook application:

Expand
titleFor Web Application


Expand
titlePrerequisites to be performed in Facebook
  1. Log into Facebook using https://developers.facebook.com/. Click Log In.

    Login Page
    Figure: Login Page

  2. The Facebook login page is displayed. Specify your User Name and Password and click Log In. If you do not have an account already, click Create New Account to Sign up.

    Login Page
    Figure: Facebook Login Screen

  3. On the top right corner, hover your mouse over My Apps, and then click Add a New App.

    Add a New App
    Figure: Add a New App

  4. Create a New App ID pop-up page is displayed. Specify a Display Name and Contact Email, and then click Create App ID.

    Create App ID page
    Figure: Create App ID page

  5. You are redirected to the Dashboard page. The App ID is displayed on the top left corner of the page. Click Show to view the App Secret.

    Note
    titleNote:
    • The App ID displayed here should be entered in the Client ID field of SummitAI application.
    • The Client Secret displayed here should be entered in the Client Secret Key field of SummitAI application.

     Dashboard page
    Figure: Dashboard page


  6. Click Settings > Basic. Specify the required information in the fields. Select the Category as Utility & Productivity.

    Settings page
    Figure: Settings page

  7. Click Add Platform. The Select Platform pop-up page is displayed. Select Website.

    Select Platform Page
    Figure: Select Platform Page

  8. Specify the Site URL and click Save Changes.

    Basic Settings page
    Figure: Basic Settings page

  9. Click Advanced and Allow API Access to App Settings.

    Advanced Settings Page
    Figure: Advanced Settings Page

  10. Click Save Changes.
  11. Click App Review and make your app Public by clicking Yes.

    App Review Page
    Figure: App Review Page

  12. Click Add Product and select Facebook Login.

    Add Product
    Figure: Add Product

  13. Under the Valid OAuth redirect URLs section, specify a Re-direct URL.

    Redirect URL
    Figure: Redirect URL

    Note
    titleNote:

    The Redirect URL specified here should be entered in the Redirect URL field of SummitAI Application.



Expand
titleConfiguration in SummitAI Application

To Configure SSO for Facebook from SummitAI:

  1. Select Admin > Basic > Infrastructure > SSO Configuration. The SSO CONFIGURATION page is displayed.
  2. On the SSO CONFIGURATION page, select OAuth under the Authentication Type and click ADD NEW on the ACTIONS Panel.


    Figure: SSO Configuration: OAuth_Facebook
  3. Specify the required details and click SUBMIT. For more details about the fields on the SSO CONFIGURATION page, see Field Description.

Field Description

The following table describes the fields on the SSO CONFIGURATION page:

Fields

Description

Domain

Select the domain name from the list. The Facebook OAuth based authentication will be configured for the selected domain.
Note: This field is not visible for single domain users.

URL

Specify the Mobile Web Service URL. Example: https://baseurl/mobilews

Grant Type

Select the Grant Type as Authorization Code from the drop-down list.

Authorization URL

Specify the following Authorization URL:
https://www.facebook.com/dialog/oauth

Access Token URL

Specify the following Access Token URL:
https://graph.facebook.com/v2.9/oauth/access_token

Client ID

Specify the Client ID. This is the Application ID from Facebook portal. Refer to Prerequisites section for more information about this field.

Client Secret Key

Specify the Client Secret Key. This is the Password generated from Facebook portal. Refer to Prerequisites section for more information about this field.

User Information URL

Specify the following User Information URL:
https://graph.facebook.com/v2.9/me?fields=id,name,email

Redirect URL

Specify the Redirect URL. This is the same URL you have specified in the Redirect URL field of Facebook portal. Eg: https://baseurl/SUMMIT_SAMLResponse.aspx

ACS URL

Specify the ACS URL.

Include ACS URL

If selected, the ACS URL is included.

Scope

Specify the scope as email,public_profile

Response Attribute

Specify the Response Attribute as email.

User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using Facebook OAuth authentication method.
Time Zone

Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Template Name

Select the role template from the list. The selected role template will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Logo

Upload a logo. The uploaded logo is displayed on the Login Screen. The logo image width should be less than 300px and height should be less than 48px. Supported Image formats are .gif, .jpeg, .jpg, .png, .bmp.




Expand
titleFor Mobile


Expand
titlePrerequisites to be performed in Facebook
  1. Log into Facebook using https://developers.facebook.com/. Click Log In.

    Login Page
    Figure: Login Page

  2. The Facebook login page is displayed. Specify your User Name and Password and click Log In. If you do not have an account already, click Create New Account to Sign up.

    Facebook Login Screen
    Figure: Facebook Login Screen

  3. On the top right corner, hover your mouse over My Apps, and then click Add a New App.

    Add a New App
    Figure: Add a New App

  4. Create a New App ID pop-up page is displayed. Specify a Display Name and Contact Email, and then click Create App ID.

    Create App ID page
    Figure: Create App ID page

  5. You are redirected to the Dashboard page. The App ID is displayed on the top left corner of the page. Click Show to view the App Secret.

    Note
    titleNot:
    • The App ID displayed here should be entered in the Client ID field of SummitAI application.
    • The Client Secret displayed here should be entered in the Client Secret Key field of SummitAI application.

    Dashboard page
    Figure: Dashboard page


  6. Click Settings > Basic. Specify the required information in the fields. Select the Category as Utility & Productivity.

    Settings page
    Figure: Settings page

  7. Click Add Platform. The Select Platform pop-up page is displayed. Select Website.

    Select Platform Page
    Figure: Select Platform Page

  8. Specify the Site URL and click Save Changes.

    Basic Settings page
    Figure: Basic Settings page

  9. Click Advanced and Allow API Access to App Settings.

    Advanced Settings Page
    Figure: Advanced Settings Page

  10. Click Save Changes.
  11. Click App Review and make your app Public by clicking Yes.

    App Review Page
    Figure: App Review Page

  12. Click Add Product and select Facebook Login.

    Add Product
    Figure: Add Product

  13. Under the Valid OAuth redirect URLs section, specify a Re-direct URL.

    Redirect URL
    Figure: Redirect URL

    Note
    titleNote:

    The Redirect URL specified here should be entered in the Redirect URL field of SummitAI Application.



Expand
titleConfiguration in SummitAI Application

To Configure SSO for Facebook from SummitAI:

  1. Select Admin > Basic > Infrastructure > SSO Configuration. The SSO CONFIGURATION page is displayed.
  2. On the SSO CONFIGURATION page, select OAuth under the Authentication Type and click ADD NEW on the ACTIONS Panel.


    Figure: SSO Configuration: OAuth_Facebook
  3. Specify the required details and click SUBMIT. For more details about the fields on the SSO CONFIGURATION page, see Field Description.

Field Description

The following table describes the fields on the SSO CONFIGURATION page:

Fields

Description

Domain

Select the domain name from the list. The Facebook OAuth based authentication will be configured for the selected domain.
Note: This field is not visible for single domain users.

URL

Specify the Mobile Web Service URL. Example: https://baseurl/mobilews

Grant Type

Select the Grant Type as Authorization Code from the drop-down list.

Authorization URL

Specify the following Authorization URL:
https://www.facebook.com/dialog/oauth

Access Token URL

Specify the following Access Token URL:
https://graph.facebook.com/v2.9/oauth/access_token

Client ID

Specify the Client ID. This is the Application ID from Facebook portal. Refer to Prerequisites section for more information about this field.

Client Secret Key

Specify the Client Secret Key. This is the Password generated from Facebook portal. Refer to Prerequisites section for more information about this field.

User Information URL

Specify the following User Information URL:
https://graph.facebook.com/v2.9/me?fields=id,name,email

Redirect URL

Specify the Redirect URL. This is the same URL you have specified in the Redirect URL field of Facebook portal. Eg: https://baseurl/SUMMIT_SAMLResponse.aspx

ACS URL

Specify the ACS URL.

Include ACS URL

If selected, the ACS URL is included.

Scope

Specify the scope as email,public_profile

Response Attribute

Specify the Response Attribute as email.

User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using Facebook OAuth authentication method.
Time Zone

Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Template Name

Select the role template from the list. The selected role template will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Logo

Upload a logo. The uploaded logo is displayed on the Login Screen. The logo image width should be less than 300px and height should be less than 48px. Supported Image formats are .gif, .jpeg, .jpg, .png, .bmp.





Expand
titleOkta

To enable Single Sign on for Okta from SummitAI, the following configuration should be done in Okta portal.

Expand
titleFor Web Application


Expand
titlePrerequisites to be performed in Okta Portal

Prerequisites to be performed in Okta Portal  

  1. Sign up in Okta portal using https://www.okta.com/developer/signup/.

    Figure:  Sign up

  2. Click Get Started. Your login URL is displayed. Login to Okta using this URL. You will receive a confirmation mail. Set your password by clicking this link.

    Figure:  Okta URL

  3. Specify your User Name and Password and click Sign In.

    Figure:  Okta Login page

  4. On the top menu, select Security > API.

    Figure:  Security Menu

  5. On the API page, click Authorization Servers.

    Figure:  API Page

  6. On the Add Authorization Server pop-up page, Specify Name, Audience, and Description. For more information about these fields, refer https://developer.okta.com/authentication-guide/implementing-authentication/set-up-authz-server.html.

    Figure:  Add Authorization URL Pop-up page

  7. Under the Settings section, the issuer field is displayed. Store this URL securely.

    Figure: Settings section

    Note
    titleNote:

    The Issuer URL displayed here should be entered in the Authorization URL, Access Token URL, and User Info URL fields of SummitAI application.


  8. Select Access Policies and click Add Policy. The Add Policy pop-up page is displayed.

    Figure:  Add Policies pop-up page

  9. On the Add Policy pop-up page, specify the Name, and Description and click Create Policy.

    Figure:  Add Policy page.

  10. On the Add New Access Policy page, create Add Rule.

    Figure:  Add New Access Policy Page

  11. On the Add Rule pop-up page, specify the Rule Name and click Create Rule.

    Figure:  Add Rule Pop-up page

  12. On the top menu, hover your mouse over Applications and select Applications.

    Figure:  Applications

  13. On the Applications page, click Add Application and then click Create New App.

    Figure:  Add Application

  14. On the Create New Application pop-up page, select the platform as Web and Sign On Method as OpenID Connect.

    Figure:  Create New App page

  15. On the Create OpenID page, specify the Application Name and the Redirect URL.

    Figure:  Create OpenID page

    Note
    titleNote:

    The Redirect URL specified here should be entered in the Redirect URL field of SummitAI application.


  16. On the General Settings Page, click Edit and select all the available options under Allowed grant types. The Client ID and Client Secret are displayed under Client Credentials section. Store them securely.

    Figure:  General Settings page

    Note
    titleNote:

    The Client ID and Client Secret displayed here should be entered in the Client Id and Client Secret Key fields of SummitAI application.


  17. You can add multiple People or Groups to the application under the Assignments section.

    Figure:  Add Assignment page


Expand
titleConfiguration in SummitAI Application

To Configure SSO for Okta from SummitAI:

  1. Select Admin > Basic > Infrastructure > SSO Configuration. The SSO CONFIGURATION page is displayed.
  2. On the SSO CONFIGURATION page, select OAuth under the Authentication Type and click ADD NEW on the ACTIONS Panel.

    Figure:  SSO Configuration: OAuth_Okta
  3. Specify the required details and click SUBMIT. For more details about the fields on the SSO CONFIGURATION page, see Field Description.

Field Description

The following table describes the fields on the SSO CONFIGURATION page:

Fields

Description

DomainSelect the domain name from the list. The Facebook OAuth based authentication will be configured for the selected domain.
Note: This field is not visible for single domain users.

URL

Specify the Mobile Web Service URL. Example: https://baseurl/mobilews

Grant Type

Select the Grant Type as Authorization Code from the drop-down list.

Authorization URL

Specify the following Authorization URL:
urlfromoktaportal/v1/authorize

Access Token URL

Specify the following Access Token URL:
urlfromoktaportal/v1/token

Client ID

Specify the Client ID. This is the Application ID from Okta portal. Refer to Prerequisites section for more information about this field.

Client Secret Key

Specify the Client Secret Key. This is the Password generated from Okta portal. Refer to Prerequisites section for more information about this field.

User Information URL

Specify the following User Information URL:
urlfromoktaportal/userinfo

Redirect URL

Specify the Redirect URL. This is the same URL you have specified in the Redirect URL field of Okta portal. Eg: https://baseurl/SUMMIT_SAMLResponse.aspx

ACS URL

Specify the ACS URL.

Include ACS URL

If selected, the ACS URL is included.

Scope

Specify the scope as openid email profile address phone offline_access

Response Attribute

Specify the Response Attribute as email.

User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using Okta authentication method.
Time Zone

Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.
Note: This field is displayed only when the User Creation checkbox is enabled.

Template Name

Select the role template from the list. The selected role template will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Logo

Upload a logo. The uploaded logo is displayed on the Login Screen. The logo image width should be less than 300px and height should be less than 48px. Supported Image formats are .gif, .jpeg, .jpg, .png, .bmp.




Expand
titleFor Mobile


Expand
titlePrerequisites to be performed in Okta Portal

Prerequisites to be performed in Okta Portal  

  1. Sign up in Okta portal using https://www.okta.com/developer/signup/.

    Figure:  Sign up

  2. Click Get Started. Your login URL is displayed. Login to Okta using this URL. You will receive a confirmation mail. Set your password by clicking this link.

    Figure:  Okta URL

  3. Specify your User Name and Password and click Sign In.

    Figure:  Okta Login page

  4. On the top menu, select Security > API.

    Figure:  Security Menu

  5. On the API page, click Authorization Servers.

    Figure:  API Page

  6. On the Add Authorization Server pop-up page, Specify Name, Audience, and Description. For more information about these fields, refer https://developer.okta.com/authentication-guide/implementing-authentication/set-up-authz-server.html.

    Figure:  Add Authorization URL Pop-up page

  7. Under the Settings section, the issuer field is displayed. Store this URL securely.

    Figure: Settings section

    Note
    titleNote:

    The Issuer URL displayed here should be entered in the Authorization URL, Access Token URL, and User Info URL fields of SummitAI application.


  8. Select Access Policies and click Add Policy. The Add Policy pop-up page is displayed.

    Figure:  Add Policies pop-up page

  9. On the Add Policy pop-up page, specify the Name, and Description and click Create Policy.

    Figure:  Add Policy page.

  10. On the Add New Access Policy page, create Add Rule.

    Figure:  Add New Access Policy Page

  11. On the Add Rule pop-up page, specify the Rule Name and click Create Rule.

    Figure:  Add Rule Pop-up page

  12. On the top menu, hover your mouse over Applications and select Applications.

    Figure:  Applications

  13. On the Applications page, click Add Application and then click Create New App.

    Figure:  Add Application

  14. On the Create New Application pop-up page, select the platform as Web and Sign On Method as OpenID Connect.

    Figure:  Create New App page

  15. On the Create OpenID page, specify the Application Name and the Redirect URL.

    Figure:  Create OpenID page

    Note
    titleNote:

    The Redirect URL specified here should be entered in the Redirect URL field of SummitAI application.


  16. On the General Settings Page, click Edit and select all the available options under Allowed grant types. The Client ID and Client Secret are displayed under Client Credentials section. Store them securely.

    Figure:  General Settings page

    Note
    titleNote:

    The Client ID and Client Secret displayed here should be entered in the Client Id and Client Secret Key fields of SummitAI application.


  17. You can add multiple People or Groups to the application under the Assignments section.

    Figure:  Add Assignment page


Expand
titleConfiguration in SummitAI Application

To Configure SSO for Okta from SummitAI: 

  1. Select Admin > Basic > Infrastructure > SSO Configuration. The SSO CONFIGURATION page is displayed.
  2. On the SSO CONFIGURATION page, select OAuth under the Authentication Type and click ADD NEW on the ACTIONS Panel.

    Figure:  SSO Configuration: OAuth_Okta 
  3. Specify the required details and click SUBMIT. For more details about the fields on the SSO CONFIGURATION page, see Field Description.

Field Description

The following table describes the fields on the SSO CONFIGURATION page:

Fields

Description

DomainSelect the domain name from the list. The Facebook OAuth based authentication will be configured for the selected domain.
Note: This field is not visible for single domain users.

URL

Specify the Mobile Web Service URL. Example: https://baseurl/mobilews

Grant Type

Select the Grant Type as Implicit from the drop-down list.

Authorization URL

Specify the following Authorization URL:
urlfromoktaportal/v1/authorize

Access Token URL

Specify the following Access Token URL:
urlfromoktaportal/v1/token

Client ID

Specify the Client ID. This is the Application ID from Okta portal. Refer to Prerequisites section for more information about this field.

Client Secret Key

Specify the Client Secret Key. This is the Password generated from Okta portal. Refer to Prerequisites section for more information about this field.

User Information URL

Specify the following User Information URL:
urlfromoktaportal/v1/userinfo

Redirect URL

Specify the Redirect URL. This is the same URL you have specified in the Redirect URL field of Okta portal. Eg: https://baseurl/SUMMIT_Weblogin.aspx

ACS URL

Specify the ACS URL.

Include ACS URL

If selected, the ACS URL is included.

Scope

Specify the scope as openid email profile address phone offline_access

Response Attribute

Specify the Response Attribute as email.

User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using Okta authentication method.
Time Zone

Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.
Note: This field is displayed only when the User Creation checkbox is enabled.

Template Name

Select the role template from the list. The selected role template will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Logo

Upload a logo. The uploaded logo is displayed on the Login Screen. The logo image width should be less than 300px and height should be less than 48px. Supported Image formats are .gif, .jpeg, .jpg, .png, .bmp.





Expand
titlePing Federate

To enable Single Sign on for Ping Federate from SummitAI, the following configuration should be done in Ping Federate portal.

Expand
titlePrerequisites to be performed in Ping Federate Portal
  1. Login to Ping Federate server.


    Figure:  Login Screen

  2. On the Server Configuration tab, click Server Settings.


    Figure:  Server Configuration

  3. On the Server Settings page, configure the tabs as shown below:

    Expand
    titleSystem Administration

    Figure:  System Administration tab 


    Expand
    titleSystem Info

    Figure:  System Info tab 


    Expand
    titleRuntime Notifications

    Figure:  Runtime Notifications tab


    Expand
    titleRuntime Reporting

    Figure:  Runtime Reporting tab


    Expand
    titleAccount Management

    Figure:  Account Management tab


    Expand
    titleRoles & Protocols

    Make sure that Enable OAUTH 2.0 Authorization Server (AS) Role is selected.

    Figure:  Roles & Protocols tab


    Expand
    titleFederation Info

    Figure:  Federation Info tab


    Expand
    titleSystem Options

    Figure:  System Options tab


    Expand
    titleMetadata Signing

    Figure:  Metadata Signing tab


    Expand
    titleMetadata Lifetime

     

    Figure:  Metadata Lifetime tab


    Expand
    titleSummary


    Figure:  Summary tab 


  4. On the Server Configuration page, click Data Stores.

    Figure:  Data Stores

  5. On the Manage Data Stores page, click Add New Data Store.


    Figure:  Manage Data Stores

  6. On the Data Store page, configure the tabs as shown below:

    Expand
    titleData Store Type

    Select the Data Store Type as LDAP.

    Figure:  Data Store Type tab


    Expand
    titleLDAP Configuration

    Provide your LDAP Credentials.

    Figure:  LDAP Configuration tab


    Expand
    titleSummary

    Figure:  Summary tab


  7. On the Server Configuration page, click Active Directory Domains/Kerberos Realms.

  8. On the Manage AD Domains/Kerberos Realms page, click Add Domain/Realm.


    Figure:  Add Domain/Realm

    Note
    titleNote:

    To check the configuration, click Test Domain/Realm Connectivity. You should receive a Test Successful message if your configuration is correct.


  9. On the Manage Domain/Realm page, Specify the Domain Name, Username and Password.

    Figure: Manage Domain/Realm page

  10. On the Server Configuration page, click Password Credential Validators.


    Figure:  Password Credential Validators

  11. On the Password Credential Validators page, click Create New Instance.


    Figure:  Create New Instance 


  12. On the Create Credential Validator Instance, configure the tabs as shown below:

    Expand
    titleType

    Figure:  Type


    Expand
    titleInstance Configuration

    Specify the Search Filter as (|(sAMAccountName=${username})(userPrincipalName=${username})) 

    Figure:  Instance Configuration tab


    Expand
    titleExtended Contract

     Add sAMAccountName and userPrincipalName under Extend the Contract. 

    Figure:  Extended Contract tab


    Expand
    titleSummary


    Figure:  Summary


  13. On the Identity Provider page, click Adapters.


    Figure:  Adapters

  14. On the Manage IDP Adapter Instances page, click Create New Instance.


    Figure:  Manage IDP Adapter Instances


  15. On the Create Adapter Instance page, configure the tabs as shown below:

    Expand
    titleType

    Select Type as HTML Form IdP Adapter.

    Figure:  Adapter Type


    Expand
    titleIDP Adapter

    Select Password Credential Validator Instance as Password Validator and click Update under Action.

     

    Figure:  IDP Adapter


    Expand
    titleExtended Contract

    Under Extend the Contract add domainusername and email

    Figure:  Extended Contract


    Expand
    titleAdapter Attributes

    Figure:  Adapter Attributes


    Expand
    titleAdapter Contract Mapping

    Figure:  Adapter Contract Mapping


    Expand
    titleSummary

    Figure:  Summary 


  16. On the OAuth Server page, click Create New under Clients.

    Figure:  OAuth Server page

  17. On the Client page, configure the tabs as shown below:


    Figure:  Client page

    Note
    titleNote:
    • Client ID: The Client ID you enter above should be entered in the Client ID field of SummitAI Application.
    • Client Secret: The Client Secret generated above should be entered in the Client Secret Key field of SummitAI Application.
    • Redirect URL: The Redirect URL you enter above should be entered in the Redirect URL field of SummitAI Application. Example: https://baseurl/Summit_Samlresponse.aspx for Web Application and https://baseurl/Summit_Weblogin.aspx for Mobile Application.


  18. On the OAuth Server page, click Access Token Management under Token Mapping.


    Figure:  Access Token Management

  19. On the Access Token Management page, click Create New Instance.


    Figure:  Create New Instance

  20. On the Create Access Token Management Instance, configure the tabs as shown below:

    Expand
    titleType

    Select the Type as Internally Managed Reference Tokens.

     

    Figure:  Access Token Type


    Expand
    titleInstance Configuration

    Instance Configuration

     

    Figure:  Instance Configuration


    Expand
    titleSession Validation


    Figure:  Session Validation


    Expand
    titleAccess Token Attribute Contract

    Under Extend the Contract, add domainusername, email, group, username.

     

    Figure:  Access Token Attribute Contract


    Expand
    titleResource URLs

    Figure:  Resource URLs


    Expand
    titleAccess Control


    Figure:  Access Control


    Expand
    titleSummary

    Figure:  Summary


  21. On the OAuth Server page, click IDP Adapter Mapping.


    Figure:  IDP Adapter Mapping

  22. On the IDP Adapter Mapping page, select HTML Form Adapter from the drop-down list and click Add Mapping. Click Save.


    Figure:  Add Mapping

  23. The Summary page of IDP Adapter Mapping is displayed.


    Figure:  IDP Adapter Summary

  24. On the OAuth Server page, click Access Token Mapping.


    Figure:  Access Token Mapping

  25. On the Access Token Attribute Mapping page, select Context as HTML Form AdapterAccess Token Manager as actoken and click Add Mapping. Click Save.


    Figure:  Access Token Attribute Mapping

  26. The Summary page of Access Token Attribute Mapping is displayed.


    Figure:  Summary

  27. On the OAuth Server page, click Authorization Server Settings.


    Figure:  Authorization Server Settings

  28. Configure the Authorization Server Settings page as shown below:


    Figure:  Authorization Server Settings
  29. On the OAuth Server page, click Scope Management.


    Figure:  Scope Management
  30. On the Common Scopes tab, add email under Scope Value.


    Figure:  Common Scopes
  31. On the OAuth Server page, click OpenID Connect Policy Management.


    Figure:  OpenID Connect Policy Management
  32. On the Policy Management page, click Add Policy.


    Figure:  Add Policy
  33. On the Policy Management page, configure the tabs as shown below:

    Expand
    titlePrerequisites to be performed in Ping Federate Portal


    Expand
    titleManage Policy

    Figure:  Manage Policy


    Expand
    titleAttribute Contract

    Figure:  Attribute Contract


    Expand
    titleAttribute Scopes

    Figure:  Attribute Scopes


    Expand
    titleAttribute Sources & User Lookup

    Figure:  Attribute Sources & User Lookup


    Expand
    titleContract Fulfillment

    Figure:  Contract Fulfillment


    Expand
    titleIssuance Criteria

    Figure:  Issuance Criteria


    Expand
    titleSummary

    Figure:  Summary




Expand
titleConfiguration in SummitAI Application

To Configure SSO for Ping Federate from SummitAI:

Select Admin > Basic > Infrastructure > SSO Configuration. The SSO CONFIGURATION page is displayed.

  1. On the SSO CONFIGURATION page, select OAuth under the Authentication Type and click ADD NEW on the ACTIONS Panel.


    Figure:  SSO Configuration: OAuth_Ping Federate

  2. Specify the required details and click SUBMIT. For more details about the fields on the SSO CONFIGURATION page, see Field Description.

Field Description

The following table describes the fields on the SSO CONFIGURATION page:

Fields

Description

DomainSelect the domain name from the list. The Facebook OAuth based authentication will be configured for the selected domain.
Note: This field is not visible for single domain users.

URL

Specify the Web Service URL. Example: https://baseurl/summitweblogin.aspx

Grant Type

Select the Grant Type as Authorization Code from the drop-down list.

Authorization URL

Specify the Authorization URL:
Example: https://pingfederatebaseurl/as/authorization.oauth2

Access Token URL

Specify the Access Token URL:
Example: https://pingfederatebaseurl/as/token.oauth2

Client ID

Specify the Client ID. This is the Client ID from Ping Federate Server. Refer to Prerequisites section for more information about this field.

Client Secret Key

Specify the Client Secret Key. This is the Client Secret generated from Ping Federate Server. Refer to Prerequisites section for more information about this field.

User Information URL

Specify User Information URL
Example: https://pingfederatebaseurl/idp/userinfo.openid

Redirect URL

Specify the Redirect URL. This is the same URL you have specified in the Redirect URL field of Ping Federate Server.
For Web: Eg: https://baseurl/SUMMIT_SAMLResponse.aspx
For Mobile : Eg: https://baseurl/SUMMIT_Weblogin.aspx

ACS URL

Specify the ACS URL.

Include ACS URL

If selected, the ACS URL is included.

Scope

Specify the Scope as openid email.

Response Attribute

Specify the Response Attribute as email.

User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using Okta authentication method.
Time Zone

Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.
Note: This field is displayed only when the User Creation checkbox is enabled.

Template Name

Select the role template from the list. The selected role template will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Logo

Upload a logo. The uploaded logo is displayed on the Login Screen. The logo image width should be less than 300px and height should be less than 48px. Supported Image formats are .gif, .jpeg, .jpg, .png, .bmp.



ACTIONS

This section explains all the icons displayed on the ACTIONS panel of the SSO CONFIGURATION page.

SHOW LIST

Click SHOW LIST to display the LIST table showing all the SSO Configurations in the SummitAI application for OAuth based authentications.


Figure: SSO CONFIGURATION page:  Show List Page

Filters

On the FILTERS pop-up page, select a domain name from the list and then click SUBMIT. A list of OAuth based authentications configured for the selected domain is displayed.

FILTERS Pop-up page
Figure: FILTERS Pop-up page

ADD NEW

Click ADD NEW to configure a new OAuth based authentication for a domain. 

Scroll ignore
scroll-pdftrue
scroll-officetrue
scroll-chmtrue
scroll-docbooktrue
scroll-eclipsehelptrue
scroll-epubtrue
scroll-htmltrue

truenoneRelease Noteshttp://summitconfluence.symphonysummit.com:8090/display/PD/SUMMIT+Release+NotestruenoneInstallation Guide http://summitconfluence.symphonysummit.com:8090/display/PD/Installation+GuidetruenoneOther Documents http://summitconfluence.symphonysummit.com:8090/display/PD/Other+Documents