Implementing Single Sign-On (SSO) with WeCP enhances user convenience and security by allowing users to access the platform with a single set of credentials. This guide will walk you through the steps to set up SSO for your organization on WeCP.
Prerequisites
Before you begin, ensure you have the following:
Admin access to your WeCP account.
An Identity Provider (IdP) such as Okta, Azure AD, or Google Workspace
Basic knowledge of SAML 2.0 protocols.
Step 1: Configure Your Identity Provider (IdP)
The steps to configure the IdP will vary depending on the provider (e.g., Okta, Azure AD, Google Workspace). Please refer to your provider’s documentation for specific details. Below is a general overview to guide you through the process
Log in to your IdP:
Access your IdP’s admin console.
Navigate to the section where you can manage applications or integrations.
Create a new application:
Select the option to add a new application.
Choose the appropriate protocol: SAML 2.0.
Enter WeCP details:
For SAML-based integrations, you’ll need to enter the following details
Entity ID / Audience URI:
urn:amazon:cognito:sp:ap-south-1_XtKyyY4xvACS URL:
https://auth.wecreateproblems.com/saml2/idpresponseNameID Format:
EmailAddress
Configure attribute mapping:
Map the IdP attributes to WeCP’s user fields. Common attributes include:
Email:
user.emailFirst Name:
user.firstNameLast Name:
user.lastName
Save and assign users:
Save the application configuration.
Assign the application to users or groups who need access to WeCP.
Step 2: Configure SAML SSO in WeCP
Follow these steps to configure SAML SSO on the WeCP platform:
Log in to the WeCP platform
Ensure you have admin access to proceed. Once logged in, you’ll see the dashboard
Navigate to Security and Access Settings
Go to Settings from the left navigation, and then select Security & Access
Enable SAML SSO and configure
Click on Enable SAML SSO, and a modal for configuration will open.
Update Allowed domains and Attribute Mapping
The Allowed Domains field will auto-fill based on your email domain. If you wish to configure SSO for different or multiple domains, you can add them here (up to 5 domains).
In the Attribute Mapping section, update the attributes to match the configuration in your IdP. Refer to Step 1, point 4, for guidance on how to map attributes like Email and Name
Enter Identity Provider Details
Under Identity Provider Details, you can choose either Metadata URL or Metadata XML, both of which can be obtained from your IdP configuration. Refer to your IdP’s documentation for detailed instructions.
Save the Configuration and Validate SSO
Click Save to finalize your SAML SSO configuration. After saving, test the configuration by clicking Test SAML SSO. This will redirect you to your IdP’s authentication page. Ensure the authentication process completes successfully for the configured domain(s).
Note: You can also validate SSO by logging out and logging back in using SSO.
• For all admins, it’s possible to log in using both SSO and a username/password simultaneously. In case of any issues with the SSO configuration, you can log in with your username and password to make changes to the SSO setup.
Troubleshooting
If you encounter any issues, consider the following troubleshooting steps:
Check IdP logs: Review the logs in your IdP for any errors or warnings.
Review WeCP configuration: Ensure all URLs, certificates are correctly entered.
Attribute mapping: Verify that the attributes are correctly mapped between the IdP and WeCP.
Network issues: Ensure there are no network issues preventing communication between WeCP and your IdP.
Support
If you need further assistance, contact WeCP support at support@wecreateproblems.com or refer to the WeCP documentation for additional guidance.
By following these steps, you can successfully implement SSO for WeCP, providing a seamless and secure login experience for your users.