Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated the digi-accordion macro with the following parameter(s): []


Panel
borderColor#72B0DE
bgColor#72B0DE#F0F0F0


Digi accordionexpand
titleGeneral

About SummitAI IT Management Suite

Signing In

Describing the User Interface

Alerts and Approvals

Viewing and Updating Your Profile Details

Global Search

Personalizing Pages

Forgot Password

Logging Out

Delegating Role

Signing In As Another User

Switching Tenant

Searching Users

Help File Conventions


Digi accordionexpand
titleConcepts

Document Repository

Global Tenant

Multi-tenancy

Concurrent License Allocation

Digi accordion
expandedtrue


Expand
titleAdministrators


Expand
titleBasic


Expand
titleUsers

Adding Users

Viewing User List

Configuring Role Templates

Role Template Menu Configuration_GM

Role Template Other Configuration

Configuring Custom Tabs

Resigned Approver List

Viewing Switch User List

Configuring Switch User

Importing User Details Using Excel_General

Importing User Details from DB_General

Importing Active Directory User Details_General


Expand
titleInfrastructure


Expand
titleTheme Configuration

Configuring Themes

Previewing and Editing Themes


Expand
titleSSO Configuration

SSO Configuration Wizard Gen

SSO ConfigurationConfigurations: OAuth Forms Gen

2388812621468624

SSO ConfigurationsConfiguration: Forms OAuth Gen

SSO Configurations: Proxy Gen


Expand
titleForm Builder

Form Builder

Custom Fields

Configuring Custom Fields for Customers

Configuring Custom Fields for Users


Expand
titleCommon Masters

Configuring Common Master Types

Configuring Common Masters

Configuring Geographic Location


Expand
titleWidgets

Configuring Widgets

Configuring Widget Tabs

Configuring Widget Reports

Configuring Widget Report Access


Expand
titleExport/Import

Importing Configurations by Template

Exporting Configurations by File

Importing Configurations by File

Configuring Tenant

Configuring Domain

Configuring Application Settings

Importing Master Template

Configuring Analysts

Mapping Language Translation

Configuring Workgroups

Report Builder

Configuring Custom Scheduler

Archiving Data

Configuring Periodic Survey

Configuring Simple Mail Transfer Protocol (SMTP)

Configuring Web Services

External Web Service Mapping

Proxy View

Viewing Proxy Server Details

Configuring VLAN

Mapping VLAN to Proxy

Configuring Digital Signature

Configuring ServiceNow


Expand
titleWorkflow

Configuring SR Approval Workflow

Configuring CR Approval Workflow


Expand
titleCustomers

Adding Customers

Viewing Customer List

Configuring Customer SLA Matrix

Configuring Custom Tabs for Customers


Expand
titleVendors

Adding Vendors

Viewing Vendor List



Expand
titleAdvanced


Expand
titleDiscovery and Monitoring

Configuring Vendor MIBs

Discovery Configuration

Configuring Monitoring Accounts

Configuring Scripts

Configuring Scripts Based Monitoring

Configuring SNMP MIB

Configuring SNMP Based Monitoring


Expand
titleDocuments

Configuring Standard Operating Procedures

Viewing Documents

Uploading Documents


Expand
titleNotifications

E-mail Parsing

Configuring Mailbox

Configuring Notification Parser

Configuring Notification Templates

Configuring SMS Gateway

Configuring Voice Call Gateway

Configuring Bulletins

Configuring Alerts

Adding Master Configuration

Configuring Conference Call

Configuring Push Notifications


Expand
titleCompliance

Configuring Compliance Profiles

Allocating Compliance Profiles

Agent Contact Information

Viewing Modifying Profile Configuration


Expand
titleProductivity

Configuring Skills Gen

Configuring Skill Category

Configuring Core Competency

Adding Holidays

Expand
titleShift Management

Configuring Shifts

Allocating Shifts

Viewing Shift Roster Gen


Expand
titleEscalations

Configuring Auto Escalations

Configuring Manual Escalations



Expand
titleLicense

License Usage

License Acceptance

License Monitoring

Allocating Concurrent License

Guide Me


Expand
titlePassword Management

Password Management

Configuring Administrator

Configuring Security Questions

Mapping Security Questions

Configuring Keyword Message

Managing User Account

Status Details Report

User Registration Details Report

Configuring Password Expiry

Password E-mail Audit Log

Creating AD Property



Digi accordionexpand
titleReports and Dashboards

Viewing Reports

Creating New BI Report

Creating New BI Dashboard

Discovery Scan Error Report

Summit Audit Log for Login Accounts

SUMMIT Configuration Audit Report

Survey Report

License Trend Report


Scroll export button
scopecurrent
template-idc9a14909-8f27-452d-bca0-164bee1a9265
captionDownload this Page
add-onScroll PDF Exporter

Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. Using SAML you can enable Single Sign Ons for the following portals:

Expand
titleOkta

If Okta SSO configuration is done for the End Users, the End Users can access the SummitAI application in any of the following ways:

  • From Okta URL: Log into the Okta URL, click the SummitAI icon and access the SummitAI application using the Okta credentials.
    Accessing the SummitAI application from OKTA URLImage Removed
    Image Added
    Figure: Accessing the SummitAI application from OKTA URL
    Logging into SummitAI applicationImage Removed

    Image Added
    Figure: Logging into SummitAI application

  • From SummitAI  URL: Specify the SummitAI  URL in the address bar. On the SummitAI login page, click the Okta icon. You are redirected to the Okta URL. Provide the Okta credentials to log into the SummitAI application.

    OKTA icon on SUMMIT Login page
    Figure: OKTA icon on SummitAI Login page

    OKTA Login page
    Figure: OKTA Login page

    Logging into SummitAI application
    Figure: Logging into SummitAI application


    • Note
      titleNote:

      If only Okta is configured, on accessing the SummitAI URL, you are automatically redirected to the Okta URL and on providing Okta credentials, you are logged into the SummitAI application. 

      OKTA Login pageImage Modified
      Figure: OKTA Login page

      Logging into SUMMIT applicationImage Modified
      Figure: Logging into SummitAI application


    • You can also access the SummitAI application by providing the SummitAI credentials. This option is available if Form login configuration is done by the Administrator.

Enabling SSO for SummitAI Using SAML (Okta Configuration)

Expand
titleAdding SummitAI as SAML App

You can add SummitAI as SAML app from the OKTA Console.

  1. Log into OKTA Admin Console. Click Admin. Click Add Applications under Shortcuts menu.
    Image Removed
    Image Added
    Figure: Okta page: Adding SummitAI app
  2. Click Create a new app. The Create a New Application Integration pop-up is displayed. Select the SAML 2.0 option and click Create.
    Image Removed
    Image Added
    Figure: Okta page: SummitAI app integration
  3. Provide the required details under the General Settings and click Next.
    Image Removed
    Image Added
    Figure: Okta page: SummitAI app details
  4. Provide the SAML details under SAML Settings and click Next.
    Image Removed
    Image Added
    Figure: Okta page: SummitAI SAML details
  5. Provide the feedback details under Feedback and click Finish.
    Image Removed
    Image Added
    Figure: Okta page: Feedback
  6. Click View Setup Instructions. Provide the required details.
    Okta setup instructionsImage Removed
    Image Added
    Figure: Okta setup instructions


Expand
titleUpdating SummitAI Details as SAML App

IfSummitAI is already added as a SAML app, you can modify the details as required.

  1. Log into OKTA Admin Console. Click Admin. Click Add Applications under Shortcuts menu.
    Image Removed
    Image Added
    Figure: Okta page: Editing SummitAI app details

  2. Click Apps you created. Select the SummitAI app that you want to update and click Edit.
    Image Removed
    Image Added
    Figure: Okta page: Editing SummitAI app details
  3. Update the required details under the General Settings and click Next.
    Image Removed
    Image Added
    Figure: Okta page: Editing SummitAI app details
  4. Update the SAML details under SAML Settings and click Next.
    Image Removed
    Image Added
    Figure: Okta page: Editing Feedback details
  5. Update the feedback details under Feedback and click Finish.
    Image Removed
    Image Added
    Figure: Okta page: Editing Feedback details
  6. Click View Setup Instructions. Update the required details.
    Image RemovedImage Added
    Figure: Okta page: Editing setup instructions


Expand
titleAdding User and Activating Them

You can add the users for whom SSO will be available for the SummitAI SAML app.

  1. Log into OKTA Admin Console. Click Admin. Select People from the Directory menu.
    Adding PeopleImage Removed
    Image Added
    Figure: Adding People

  2. Click Add Person. The Add Person pop-up is displayed. Provide the details about the user you are adding and click Add Person. If you want to add more users, click Save and Add Another.
    Adding People detailsImage Removed
    Image Added
    Figure: Adding People details

  3. The added user needs to be activated so that the user can use SSO from OKTA for SummitAI . Click Activate. A confirmation pop-up page is displayed. Click Activate User.
    Activating the added personImage Removed
    Image Added
    Figure: Activating the added person

SSO Configuration in SummitAI (For Okta)

To configure SSO in the SummitAI application for Okta:

  1. Select Admin > Basic > InfrastructureSSO Configuration. The SSO CONFIGURATION page is displayed. Select SAML and click ADD NEW under ACTIONS panel.
    Image Removed
    Image Added
    Figure: SSO Configuration page: Okta
  2. Type in the SSO configuration details. For more information about the fields on the SSO CONFIGURATION page, see Field Description.
  3. Click VALIDATE. The certificate information is displayed if the uploaded certificate is valid. For invalid certificate, an error message is displayed.
  4. Click SUBMIT. The SSO is configured successfully.

    Field Description

    The following table describes the fields on the SSO CONFIGURATION page:

    Field

    Description

    Domain

    Select the domain name from the list. The SAML based authentication will be configured for the selected domain.
    Note: T
    his field is not visible for single domain users.

    URL

    Provide the URL.

    Redirect URL

    Copy the SSO URL details from Okta configuration page and paste the URL details in this text box.

    SSO Type

    Select the SSO Type from the drop-down list.

    Response Attribute

    Select the response attribute from the drop-down list.

    Upload Certificate

    Upload the certificate that you downloaded during the SSO configuration using Okta SAML apps.

    Request Authentication ContextThis field lists the conditions to match the authentication context. In order to create a user, the authentication context must match with the authentication method. The available matching criterion are Better, Exact, Maximum, and Minimum.
    User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using Okta authentication method.
    Time Zone

    Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.

    Note: This field is displayed only when the User Creation checkbox is enabled.

    Template Name

    Select the role template from the list. The selected role template will be assigned to the newly created user.

    Note: This field is displayed only when the User Creation checkbox is enabled.

    Logo

    Upload an image to be displayed as Google icon.



Expand
titleGoogle

Enabling SSO for SummitAI Using SAML (Google Configuration)

Expand
titleAdding SUMMIT as SAML App

You can add SummitAI as SAML app from the Google Admin Console.

  1. Log into Google Admin Console. Click Apps and select SAML Apps.
    Google App Settings pageImage Removed
    Image Added
    Figure: Google App Settings page

  2. Click the Plus icon to enable SSO for SAML application. Click SETUP MY OWN CUSTOM APP.

  3. Setting up SummitAI as custom appImage Removed

  4. Image Added
    Figure: Setting up SummitAI as custom app

  5. Provide the SSO URL, Entity ID, and download the certificate. Click NEXT.

  6. Downloading the certificatesImage Removed

  7. Image Added
    Figure: Downloading the certificates

  8. Provide basic information about the SummitAI application and click NEXT.

  9. Basic detailsImage Removed

  10. Image Added
    Figure: Basic details

  11. Provide the Service Provider details and click NEXT.

  12. Service Provider detailsImage Removed

  13. Image Added
    Figure: Service Provider details

  14. Provide mappings between service provider attributes to available user profile fields. You can also come back later to complete the attribute mapping. Click FINISH.

  15. Attribute mappingImage Removed

  16. Image Added
    Figure: Attribute mapping


Expand
titleUpdating SummitAI Details as SAML App

IfSummitAI If SummitAI is already added a SAML app, you can modify the details as required.

  1. Log into Google Admin Console. Click Apps and select SAML Apps.

    Google App Settings pageImage Modified
    Figure: Google App Settings page

  2. Select the SummitAI SAML app that you want to update.

    Updating SummitAI detailsImage Modified
    Figure: Updating SummitAI details

    Updating SummitAI  detailsImage Modified
    Figure: Updating SummitAI details

  3. Click the Service Provide Details and the Attribute Mapping sections to modify details in the respective sections.

    Updating Service Provider detailsImage Modified
    Figure: Updating Service Provider details

    Updating Attribute MappingImage Modified
    Figure: Updating Attribute Mapping


Expand
titleEnabling/ Disabling the SUMMIT SAML App

You can enable or disable the SummitAI SAMP app configuration for all the users or for selected organizations.

  1. Log into Google Admin Console. Click Apps and select SAML Apps.

    Google App Settings page
    Figure: Google App Settings page
  2. All the configured SAML apps are displayed. Click the three dots next to the SummitAI SAML app that you want to enable or disable for users. Select the appropriate option from the options. The available options are ON for everyone, ON for some organizations, and OFF.

    Enabling SUMMIT appImage Modified
    Figure: Enabling SummitAI app

Field Descriptions

Option

Description

ON for everyone

If selected, the SAML app is available to all the users.

ON for some organizations

If selected, the SAML app is available to users of the selected organizations

OFF

If selected, the SAML app is not available to anybody.



Expand
titleAdding Users

You can add the users for whom SSO will be available for the SummitAI SAML app.

  1. Log into Google Admin Console and select Users from the left menu.

    Adding Users
    Figure: Adding Users
  2. Mouse hover on the Add icon, the available icons are: Invite users, Add multiple users, and Add user.

    Adding Users
    Figure: Adding Users

    Multiple options to add users
    Figure: Multiple options to add users
  • Invite users: Select this option to invite users to use the SummitAI SAML app as SSO from Google. Specify the e-mail ids of the users to whom you want to send the invitation.

    Inviting users
    Figure: Inviting users

    Inviting users
    Figure: Inviting users
  • Add multiple users: Select this option to add multiple users. You can upload a Microsoft Excel sheet with the names of the users and other details (download the template AS.CSV).

    Adding multiple users
    Figure: Adding multiple users
  • Add user: Select this option to a user. Provide the first name, last name, and the e-mail id of the user.

    Adding Single User
    Figure: Adding single user

SSO Configuration in SummitAI (For Google)

To configure SSO in the SummitAI application for Google:

  1. Select Admin > Basic > Infrastructure >SSO Configuration. The SSO CONFIGURATION page is displayed. Select SAML and click ADD NEW under ACTIONS panel.
    Image Removed
    Image Added
    Figure: SSO Configuration page: Google
  2. Type in the SSO configuration details. For more information about the fields on the SSO CONFIGURATION page, see Field Description.
  3. Click VALIDATE. The certificate information is displayed if the uploaded certificate is valid. For invalid certificate, an error message is displayed.
  4. Click SUBMIT. The SSO is configured successfully.

    Field Description

    The following table describes the fields on the SSO CONFIGURATION page:

    Field

    Description

    Domain

    Select the domain name from the list. The SAML based authentication will be configured for the selected domain.
    Note: This field is not visible for single domain users.

    URL

    Provide the URL.

    Redirect URL

    Copy the SSO URL details from Google configuration page and paste the URL details in this text box.

    SSO Type

    Select the SSO Type from the drop-down list.

    Response Attribute

    Select the response attribute from the drop-down list.

    Upload Certificate

    Upload the certificate that you downloaded during the SSO configuration using Google SAML apps.

    Request Authentication ContextThis field lists the conditions to match the authentication context. In order to create a user, the authentication context must match with the authentication method. The available matching criterion are Better, Exact, Maximum, and Minimum.
    User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using Google SAML authentication method.
    Time Zone

    Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.

    Note: This field is displayed only when the User Creation checkbox is enabled.

    Template Name

    Select the role template from the list. The selected role template will be assigned to the newly created user.

    Note: This field is displayed only when the User Creation checkbox is enabled.

    Logo

    Upload an image to be displayed as Google icon.



Expand
titlePing Federate


Expand
titlePrerequisites to be performed in Ping Federate Server
  1. Login to Ping Federate server.
    Ping Federate Login ScreenImage Removed
    Image Added
    Figure: Ping Federate Login Screen
  2. On the Identity Provider tab, under SP Connections section, click Create New.

    Identity Provider tabImage Removed


    Image Added
    Figure: Identity Provider tab

  3. On the SP Connection section, configure the tabs as follows:

    Expand
    titleConnection Type
    SP Connection _ Connection TypeImage Removed

    Image Added
    Figure: SP Connection _ Connection Type


    Expand
    titleConnection Options
    SP Connection _ Connection OptionsImage Removed

    Image Added
    Figure: SP Connection _ Connection Options


    Expand
    titleImport Metadata

    If you have a Metadata URL or FILE, select the respective options and provide the information. If you do not have an URL or a FILE, Select NONE.

    SP Connection _ Import MetadataImage Removed

    Image Added
    Figure: SP Connection _ Import Metadata


    Expand
    titleGeneral Info

    On the General Info tab, specify the PARTNER'S ENTITY IDCONNECTION NAME, and the BASE URL. Select the LOGGING MODE as STANDARD.

    SP Connection _ General InfoImage Removed

    Image Added
    Figure: SP Connection _ General Info


    Expand
    titleBrowser SSO

    On the Browse SSO tab, click Configure Browse SSO.

    SP Connection _ Browse SSOImage Removed

    Image Added
    Figure: SP Connection _ Browse SSO

    Expand
    titleSAML Profiles

    On the SAML Profiles section, select IDP-INITAIATED SSO.

    SAML PROFILESImage Removed

    Image Added
    Figure: SAML PROFILES


    Expand
    titleAssertion Lifetime
    Assertion Lifetime tabImage Removed

    Image Added
    Figure: Assertion Lifetime tab


    Expand
    titleAssertion Creation

    On the Assertion Creation tab, click Configure Assertion Creation.

    Configure AssertionImage Removed

    Image Added
    Figure: Configure Assertion


    Expand
    titleProtocol Settings

    On the Protocol Settings tab, click Configure Protocol Settings.

    Protocol Settings tabImage Removed

    Image Added
    Figure: Protocol Settings tab

    Expand
    titleAssertion Consumer Service URL

    Select Binding as POST and specify the Endpoint URL as /Summit_SAMLResponse.aspx.

    Assertion Consumer Service URLImage Removed

    Image Added
    Figure: Assertion Consumer Service URL


    Expand
    titleSignature Policy

    Select ALWAYS SIGN THE SAML ASSERTION and click Next.

    Signature PolicyImage Removed

    Image Added
    Figure: Signature Policy


    Expand
    titleEncryption Policy
    Encryption PolicyImage Removed

    Image Added
    Figure: Encryption Policy


    Expand
    titleSummary
    SummaryImage Removed

    Image Added
    Figure: Summary



    Expand
    titleSummary

    On the Summary tab, click Done. You will redirected to SP Connection Page.

    Browser SSO _ SummaryImage Removed

    Image Added
    Figure: Browser SSO _ Summary



    Expand
    titleCredentials

    Click Configure Credentials.

    CredentialsImage Removed

    Image Added
    Figure: Credentials

    Expand
    titleDigital Signature Settings

    Click Manage Certificates and configure Signing Certificate.

    Digital Signature SettingsImage Removed

    Image Added
    Figure: Digital Signature Settings


    Expand
    titleSummary

    On the Summary tab, click Done. You will be redirected to SP Connection page.

    Credentials SummaryImage Removed

    Image Added
    Figure: Credentials Summary



    Expand
    titleActivation & Summary

    Select the Connection Status as Active and click Save.

    SP Connection _ SummaryImage Removed

    Image Added
    Figure: SP Connection _ Summary


  1. Click Server Configuration and then click Metadata Export under ADMINISTRATIVE FUNCTIONS.

    Expand
    titleMetadata Role
    Metadata RoleImage Removed

    Image Added
    Figure: Metadata Role


    Expand
    titleMetadata Mode
    Metadata ModeImage Removed

    Image Added
    Figure: Metadata Mode


    Expand
    titleConnection Metadata

    Select the configured SP Connection from the drop-down list.

    Connection MetadataImage Removed

    Image Added
    Figure: Connection Metadata

    Expand
    titleMetadata Signing

    Select the Signing Certificate from the drop-down list.

    Metadata SigningImage Removed

    Image Added
    Figure: Metadata Signing


    Expand
    titleExport & Summary

    On the Export & Summary tab, click Export and then click Done. An XML file is downloaded.

    Image Removed

    Image Added
    Figure: Export & Summary



    Note
    titleNote:
    • Redirect URL : Select Identity Provider > SP CONNECTIONS. Click the SP Connection that you have configured. The SSO Application Endpoint displayed here is the Redirect URL to be entered in SummitAI Application. 
      Redirect URL - SampleImage Removed
      Image Added
      Figure: Redirect URL - Sample

    • Upload Certificate : The Certificate is available in the Metadata file, under the tag <ds:X509Certificate>. Copy this data and enter under Upload Certificate section.



Expand
titleConfiguration in SummitAI Application

SSO Configuration in SummitAI (For Ping Federate)

To configure SSO in the SummitAI application:

  1. Select Admin > Basic > InfrastructureSSO Configuration. The SSO CONFIGURATION page is displayed. Select SAML and click ADD NEW under ACTIONS panel.
    Image Removed

    Image AddedFigure: SSO Configuration page: Ping Federate

  2. Type in the SSO configuration details. For more information about the fields on the SSO CONFIGURATION page, see Field Description.

  3. Click VALIDATE. The certificate information is displayed if the uploaded certificate is valid. For invalid certificate, an error message is displayed.

  4. Click SUBMIT. The SSO is configured successfully.

Field Description

The following table describes the fields on the SSO CONFIGURATION page:

FieldDescription
Domain

Select the domain name from the list. The SAML based authentication will be configured for the selected domain.
Note: This field is not visible for single domain users.

URLProvide the URL.
Redirect URLCopy the SSO URL details from Ping Federate configuration page and paste the URL details in this text box.
SSO TypeSelect the SSO Type from the drop-down list.
Response AttributeSelect the response attribute from the drop-down list.
Upload CertificateUpload the certificate that you downloaded during the SSO configuration using Ping Federate SAML apps.
Request Authentication ContextThis field lists the conditions to match the authentication context. In order to create a user, the authentication context must match with the authentication method. The available matching criterion are Better, Exact, Maximum, and Minimum.
User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using SAML PingFederate authentication method.
Time Zone

Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Template Name

Select the role template from the list. The selected role template will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

LogoUpload an image to be displayed as Ping Federate icon.




Expand
titleADFS


Expand
titlePrerequisites to be performed in ADFS
  1. Login to your ADFS account. On the Start screen, in the Search bar type in ADFS Management. Click ADFS Management.
    ADFS Start screenImage Removed
    Image Added
    Figure: ADFS Start screen
  2. Under Trust Relationships, click Relying Party Trusts and then click Add Relying Party Trust.
    Add Relying Party TrustImage Removed
    Image Added
    Figure: Add Relying Party Trust
  3. On the Welcome tab of Add Relying Party Trust Wizard, click Start.
    Welcome tabImage Removed
    Image Added
    Figure: Welcome tab
  4. On the Select Data Source tab, select Enter data about the relying party manually.
    Select Data Source tabImage Removed
    Image Added
    Figure: Select Data Source tab
  5. On the Specify Display Name tab, specify a Display name and click Next.
    Specify Display Name tabImage Removed
    Image Added
    Figure: Specify Display Name tab
  6. On the Choose Profile tab, select ADFS Profile and click Next.
    Choose Profile tabImage Removed
    Image Added
    Figure: Choose Profile tab
  7. On the Configure Certificate tab, click Next.
  8. On the Configure URL tab, Select Enable Support for the SAML 2.0 Web SSO Protocol.
    Configure URL tabImage Removed
    Image Added
    Figure: Configure URL tab

    Note
    titleNote:

    For Mobile App Relying party SAML 2.0 SSO service URL should be:

    https://customer.domain.com/SSO/MobileSAMLResponse.aspx


  9. On the Configure Identifiers tab, specify a Relying Party trust identifier and click Next.

    Configure Identifiers tabImage Removed


    Image Added
    Figure: Configure Identifiers tab

  10. Configure Multi-factor Authentication Now

    Configure Multi-factor Authentication NowImage Removed


    Image Added
    Figure: Configure Multi-factor Authentication Now

  11. Choose Issuance Authorization Rules

    Choose Issuance Authorization Rules tabImage Removed


    Image Added
    Figure: Choose Issuance Authorization Rules tab

  12. Ready to Add Trust

    Ready to Add Trust tabImage Removed


    Image Added
    Figure: Ready to Add Trust tab

  13. Finish

    Finish tabImage Removed


    Image Added
    Figure: Finish tab

  14. Click Add Rule and Choose Claim Rule as Send LDSP Attributes as Claims on the Edit Claim Rules for ADFSSAML window.

    Add RuleImage Removed


    Image Added
    Figure: Add Rule

  15. On the Choose Rule Type section, select Claim Rule Template as Send LDAP Attributes as Claims.

    Choose Rule TypeImage Removed


    Image Added
    Figure: Choose Rule Type

  16. Specify the details in Configure Claim Rule tab as shown in the image below and click Finish.
    Configure Claim RuleImage Removed
    Image Added
    Figure: Configure Claim Rule

    Note
    titleNote::

    SummitAI Application uses Email of the user as a login ID. For this to work, you need to set up the Email as the NameID on the SAML login request. This can be achieved by setting up a Transform Rule.


  17. Click Add Rule again, choose Transform an Incoming Claim and click Next.
    Choose Rule Type tabImage Removed
    Image Added
    Figure: Choose Rule Type tab

  18. Setup Email ID to be sent as NameID as shown below and click Finish.

    Configure Claim RuleImage Removed


    Image Added
    Figure: Configure Claim Rule

  19. On the ADFS Management window, right click on the Relying Party for SummitAI and choose properties. Under the Advanced tab, choose SHA­-256 as the Secure Hash Algorithm.

    Secure hash AlgorithmImage Removed


    Image Added
    Figure: Secure hash Algorithm

  20. On the ADFS Management Window, choose Services > Certificates and double click Token Signing Certificate, which will give you an option copy to file. By doing this, you will be able to export the X509 certificate from the raw file.

    Certificates SectionImage Removed


    Image Added
    Figure: Certificates Section

  21. Select the format as shown below.

    Export File FormatImage Removed


    Image Added
    Figure: Export File Format


Expand
titleConfiguration in SummitAI Application

SSO Configuration inSummitAI (For ADFS)

To configure SSO in the SummitAI application:

  1. Select Admin > Basic > Infrastructure > SSO Configuration. The SSO CONFIGURATION page is displayed. Select SAML and click ADD NEW under ACTIONS panel.
    Image Removed

    Image AddedFigure: SSO Configuration page: ADFS
  2. Type in the SSO configuration details. For more information about the fields on the SSO CONFIGURATION page, see Field Description.
  3. Click VALIDATE. The certificate information is displayed if the uploaded certificate is valid. For invalid certificate, an error message is displayed.
  4. Click SUBMIT. The SSO is configured successfully.

Field Description

The following table describes the fields on the SSO CONFIGURATION page:

Field

Description

Domain

Select the domain name from the list. The SAML based authentication will be configured for the selected domain.
Note: This field is not visible for single domain users.

URL

Provide the URL.

Redirect URL

Copy the SSO URL details from ADFS configuration page and paste the URL details in this text box.

SSO Type

Select the SSO Type from the drop-down list.

Response Attribute

Select the response attribute from the drop-down list.

Upload Certificate

Upload the certificate that you downloaded during the SSO configuration using ADFS SAML apps.

Request Authentication ContextThis field lists the conditions to match the authentication context. In order to create a user, the authentication context must match with the authentication method. The available matching criterion are Better, Exact, Maximum, and Minimum.
User CreationUpon enabling this checkbox, the user is created if that user is not available in SummitAI database but wants to login into the SummtAI application using ADFS SAML authentication method.
Time Zone

Select the timezone from the drop-down list. The selected timezone will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Template Name

Select the role template from the list. The selected role template will be assigned to the newly created user.

Note: This field is displayed only when the User Creation checkbox is enabled.

Logo

Upload an image to be displayed as ADFS icon.



ACTIONS

This section explains all the icons displayed on the ACTIONS panel of the SSO CONFIGURATION page.

SHOW LIST

Click SHOW LIST to display the LIST table showing the SSO configured in the SummitAI application for SAML.


Figure: SSO Configuration: SAML

Filters

On the FILTERS pop-up page, select a domain name from the list and then click SUBMIT. A list of SAML based authentications configured for the selected domain is displayed.

FILTERS Pop-up page
Figure: FILTERS Pop-up page

ADD NEW

Click ADD NEW to configure a new SAML based authentication for a domain. 

Scroll ignore
scroll-pdftrue
scroll-officetrue
scroll-chmtrue
scroll-docbooktrue
scroll-eclipsehelptrue
scroll-epubtrue
scroll-htmltrue


1

| |