Implementing Single Sign-On (SSO) with WeCP enhances user convenience and security by allowing users to access the platform with a single set of credentials. This guide will walk you through the steps required to set up SSO for your organization on WeCP.
Prerequisites
Before you begin, ensure you have the following:
Admin access to your WeCP account.
An Identity Provider (IdP) such as Okta, Azure AD, or Google Workspace.
Basic knowledge of SSO protocols like SAML or OAuth.
Step 1: Configure Your Identity Provider (IdP)
Log in to your IdP:
Access your IdP’s admin console.
Navigate to the section where you can manage applications or integrations.
Create a new application:
Select the option to add a new application.
Choose the appropriate protocol (SAML, OAuth, or OpenID Connect).
Enter WeCP details:
For SAML, enter the following details:
Entity ID:
https://your-domain.wecp.com/ssoSSO URL:
https://your-domain.wecp.com/sso/loginACS URL:
https://your-domain.wecp.com/sso/acsNameID Format:
EmailAddress
For OAuth/OpenID Connect, enter the necessary URLs and scopes as provided by WeCP.
Configure attribute mapping:
Map the IdP attributes to WeCP’s user fields. Common attributes include:
Email:
user.emailFirst Name:
user.firstNameLast Name:
user.lastName
Save and assign users:
Save the application configuration.
Assign the application to users or groups who need access to WeCP.
Step 2: Configure SSO in WeCP
Log in to WeCP:
Access your WeCP Sandbox Console.
Navigate to SSO settings:
Go to the Settings section.
Select SSO from the menu.
Enter IdP details:
For SAML:
SSO URL: Copy from your IdP configuration.
Entity ID: Copy from your IdP configuration.
X.509 Certificate: Download the certificate from your IdP and upload it here.
For OAuth/OpenID Connect:
Client ID: Enter the Client ID from your IdP.
Client Secret: Enter the Client Secret from your IdP.
Authorization URL: Enter the authorization URL provided by your IdP.
Token URL: Enter the token URL provided by your IdP.
User Info URL: Enter the user info URL provided by your IdP.
Test the connection:
Use the Test Connection button to verify that WeCP can communicate with your IdP.
If the test is successful, proceed to the next step. If not, review the configuration for any errors.
Enable SSO:
Once the connection is verified, enable SSO for your organization.
Save the settings.
Step 3: Verify SSO Implementation
Log out of WeCP:
Log out of your current session to test the SSO login.
Initiate SSO login:
Go to your WeCP login page and select the SSO Login option.
You should be redirected to your IdP for authentication.
Authenticate with IdP:
Enter your IdP credentials.
Upon successful authentication, you should be redirected back to WeCP and logged in automatically.
Verify user access:
Ensure that users can access WeCP via SSO without any issues.
Check that user attributes are correctly mapped and displayed within WeCP.
Troubleshooting
If you encounter any issues, consider the following troubleshooting steps:
Check IdP logs: Review the logs in your IdP for any errors or warnings.
Review WeCP configuration: Ensure all URLs, certificates, and credentials are correctly entered.
Attribute mapping: Verify that the attributes are correctly mapped between the IdP and WeCP.
Network issues: Ensure there are no network issues preventing communication between WeCP and your IdP.
Support
If you need further assistance, contact WeCP support at support@wecreateproblems.com or refer to the WeCP documentation for additional guidance.
By following these steps, you can successfully implement SSO for WeCP, providing a seamless and secure login experience for your users.