Connect-2-Everything SAML SSO (client documentation)

Similar documents
Getting Started with the Aloha Community Template for Salesforce Identity

Administrator Manual. Last Updated: 15 March 2012 Manual Version:

Enhancing cloud applications by using external authentication services. 2015, 2016 IBM Corporation

Grandstream Networks, Inc. Captive Portal Authentication via Twitter

Administrator Manual. Last Updated: 15 March 2012 Manual Version:

Grandstream Networks, Inc. Captive Portal Authentication via Facebook

Google Tag Manager. Guide

Grandstream Networks, Inc. Captive Portal Authentication via Facebook

Grandstream Networks, Inc. Captive Portal Authentication via Facebook

Introduction to application management

System Administrator s Guide Login. Updated: May 2018 Version: 2.4

Configuration Tab. Cisco WebEx Messenger Administration Guide 1

Configuration Tab. Cisco WebEx Messenger Administration Guide 1

SafeNet Authentication Manager

WHO-SEARO HEALTH INFORMATION PLATFORM (HIP) Standard Operating Procedures

Technical Support. Web site. 24online Support Contact. ( a) Technical support (Corporate Office):

Admin Panel for MEETS. User Guide

Administrator User Manual Alandalus

BrainCert Enterprise LMS. Learning Management System (LMS) documentation Administrator Guide Version 3.0

DocuSign Single Sign On Implementation Guide Published: June 8, 2016

Let your customers login to your store after pre-approval

13241 Woodland Park Road, Suite 400 Herndon, VA USA A U T H O R : E X O S T A R D ATE: M A R C H V E R S I O N : 3.

Login with Amazon. Customer Experience Overview for Android/Fire apps

Administration. STILOG IST, all rights reserved

Adobe Sign for Microsoft Dynamics

Registering / Logging In to the POTA Statistics System. Go to stats.parksontheair.com. From this screen, click Login/Logout in the Navigation Menu

Protecting SugarCRM with SafeNet Authentication Manager

How to social login with Aruba controller. Bo Nielsen, CCIE #53075 (Sec) December 2016, V1.00

Guide to your CGIAR Network account Self Service tool

Adobe Document Cloud esign Services. for Salesforce Version 17 Upgrade Guide

Infoblox Authenticated DHCP

Advanced Training Manual: Surveys Last Updated: October 2013

Quickstart Guide to Setup your Zoom Account To start, visit the USF Zoom site:

PowerExchange for Facebook: How to Configure Open Authentication using the OAuth Utility

NIELSEN API PORTAL USER REGISTRATION GUIDE

MIGRATING FROM PORTALS TO COMMUNITIES

Configuring Single Sign-on from the VMware Identity Manager Service to Marketo

TECHNICAL GUIDE SSO SAML. At 360Learning, we don t make promises about technical solutions, we make commitments.

Morningstar ByAllAccounts SAML Connectivity Guide

CUSTOMER PORTAL. Custom HTML splashpage Guide

Chatter Answers Implementation Guide

Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER

Chatter Answers Implementation Guide

TECHNICAL GUIDE SSO SAML Azure AD

Salesforce ldeas Implementation Guide

Setting Up Resources in VMware Identity Manager (On Premises) Modified on 30 AUG 2017 VMware AirWatch 9.1.1

FB Image Contest. Users Manual

3. Optionally, if you want to use the new Web SSO feature, complete the steps in Adding Web Single Sign-On Functionality.

Administering Jive Mobile Apps

Learn how to login to Sitefinity and what possible errors you can get if you do not have proper permissions.

Microsoft ADFS Configuration

Industry Access Portal User Manual

Secure Access Manager User Guide September 2017

Instructions for using your new adobe connect license:

Identity Implementation Guide

Job Aid: Citrix Receiver Upgrade

MeetMe Planner Design description. Version 2.2

Brand Tools. Technical Channel Integration Guide

Google SSO Intergration with KWL Digital

Guest Access User Interface Reference

OneLogin Integration User Guide

Adobe Sign for MS Dynamics 365 CRM

Integration Guide. PingFederate SAML Integration Guide (SP-Initiated Workflow)

Creating Effective School and PTA Websites. Sam Farnsworth Utah PTA Technology Specialist

Aruba Central Guest Access Application

BIG-IP Access Policy Manager : Portal Access. Version 12.1

Integrating the YuJa Enterprise Video Platform with Dell Cloud Access Manager (SAML)

Setting Up Resources in VMware Identity Manager (SaaS) Modified 15 SEP 2017 VMware Identity Manager

ESSR European Space Software Repository

Integration Guide. SafeNet Authentication Service. Protecting SugarCRM with SAS

SOCIAL LOGIN FOR MAGENTO 2 USER GUIDE

SAML-Based SSO Solution

Webthority can provide single sign-on to web applications using one of the following authentication methods:

INSTALLATION GUIDE Spring 2017

Business Chat Onboarding Your Business Chat Accounts. September

GUIDE TO POSTING ON THE CSE WEBSITE

Administering Workspace ONE in VMware Identity Manager Services with AirWatch. VMware AirWatch 9.1.1

Drupal Basics. for COS and CLASS site maintainers

SafeNet Authentication Manager. Integration Guide. Using SAM as an Identity Provider for Dropbox

CMS and e-commerce Solutions. version 1.0. Please, visit us at: or contact directly by

User Management. Juan J. Doval DEIMOS SPACE S.L.U. NextGEOSS, April 2018

Cloud Access Manager Configuration Guide

Creating Post(s) In WordPress

SAML-Based SSO Solution

ScholarBlogs Basics (WordPress)

penelope case management software AUTHENTICATION GUIDE v4.4 and higher

Configuration Guide - Single-Sign On for OneDesk

DigiCert User Guide. Version 6.4

DigiCert User Guide (GÉANT)

SchoolMessenger Communicate for iphone

bt-webfilter Administrator s Guide: Access Rules & Custom Access Policies

Getting Started: Log on or Create Account

SCHULICH MEDICINE & DENTISTRY Website Updates August 30, Administrative Web Editor Guide v6

Salesforce External Identity Implementation Guide

HOTDOCS DOCUMENT SERVICES

SAML 2.0 SSO. Set up SAML 2.0 SSO. SAML 2.0 Terminology. Prerequisites

Qualys SAML 2.0 Single Sign-On (SSO) Technical Brief

Embedded101 Blog User Guide

Oracle Access Manager Integration Oracle FLEXCUBE Payments Release [Feb] [2018]

Identity Implementation Guide

Transcription:

Connect-2-Everything SAML SSO (client documentation)

Table of Contents Summary Overview Refined tags

Summary The Connect-2-Everything landing page by Refined Data allows Adobe Connect account holders to present a registration form for access to meeting rooms as a landing page. Built into the landing page is the Connect-2-Everything Security Assertion Markup Languag e ( SAML, pronounced sam-el) Single Sign On ( SSO ) that provides the authentication and authorization between a client s identity provider (or other identity providers) and Refined Data s service provider. The Connect-2-Everything SAML adds additional functionality in the form of additional SSO options to the landing page provided to users before accessing an Adobe Connect meeting room. When in use, the SAML SSO processes three scenarios: If the user does not exist in Adobe Connect, the system will create the user and add the user to the correct group for access to the designated Adobe Connect meeting room. If the user already exists in Adobe Connect, created previously via API call, the SAML SSO updates the password and grants access to the meeting room. If the user was created manually in Adobe Connect, the system will ask for a password and then grant access to the Adobe Connect meeting room. When the integration with the client s identity provider is completed, any Adobe Connect meeting room URL can be added to the landing page URL to direct the user to fill in the meeting access form or use the SSO to enter the meeting room. URL: http://client.connect2everything.refineddata.com/lp/form/room (Full path) This URL is used when SAML is enabled. URL http://client.connect2everything.refineddata.com/room (Short path) This URL can only be used if SAML is disabled. Both URLs can be used if SAML is disabled. Overview The landing page form is oriented with the title and description of the meeting room at the top of the page. The title and description is populated with the information provided for that meeting

room in Adobe Connect. The header and footer can be customized to match each client s website and the landing page is responsive. HTML is allowed in the description. If the description provided is not done in HTML (but via a WYSIWYG editor), the system will make the conversion to HTML automatically. If the description includes certain HTML, the system will assume the description input contains HTML and will not make any assumptions to add any additional HTML. The left side of the form retains the original access option(s), via Enter as a guest fields. The fields for the guest form can be set per client in the database with the ability to make certain fields mandatory or not. The process of filling in the guest form will create an authenticated user. Users do not have the ability to enter their Adobe Connect login credentials to access the meeting room.

If the user does not enter their email address, and selects enter meeting, an error message ( Could not create user, require either login or email and neither was provided ) will display directing the user to provide their credentials. The right side of the form adds additional SSO options. NOTE: If the SAML SSO is disabled, only the guest form will appear to the user. SSO options: Sign in with Google Sign in with LinkedIn Sign in with Facebook Sign in with Twitter Sign in with Refined Data (Or sign in with [[client identity provider]]) The client identity provider or corporate provider is custom to each client with the ability to customize the SSO button to the client s branding. This is set in the database for each corporate account. The first time a user accesses an Adobe Connect meeting room via the SAML SSO options, the user will be redirected to a third-party authorization login page. The user must grant permission to sign in with the account of their choosing. After authentication, the user is redirected back to the Connect-2-Everything landing page and the Adobe Connect meeting room is automatically launched. EXAMPLE: A user chooses to sign in with their Google account and the Google account will request the user s permission for the Refined Data system to gather information about the user. 1) Know who you are on Google 2) View your email address 3) View your basic profile info Once accepted, the user is redirected to the meeting room.

Once this first time verification is complete, the next time a user chooses to access an Adobe Connect meeting room via the SAML SSO, the user will be directly placed into the meeting room. To change web authentication, the client can create their own Google account and update the heading on the authentication page. Learn more here. Users with Adobe Connect administrator or host accounts can access Adobe Connect Central via the SSO using the URL http://client.connect2everything.refineddata.com with no meeting information in the URL. These accounts are logged in with the client s identity provider. When accounts are created in the SAML SSO process, whatever identity information is passed from the identity provider becomes the username. Therefore, users who continue to use their account on Adobe Connect for administrative purposes (administrator and host accounts), may need to have their login credentials updated. There is also the option to configure the system to not update administrator and host account passwords so those users can continue to log in directly to Adobe Connect. If the identity provider provides username credentials that are different than the user s email, the Adobe Connect account will need to disable email as username so the SSO can match credentials. Refined Tags Refined Data has created a series of Refined T ags that can be used in conjunction with the SAML SSO to modify the functions of the landing page. Tags are added in the meeting description in Adobe Connect under the edit information tab of a meeting. The system removes the tags before they are displayed allowing the tags to be placed anywhere in the description and effectively applying the tags, but not displaying them. [[early=redirecturl,minutes]] - Provide a number of minutes in this tag, and if the user is early to the meeting by that specified number of minutes or earlier, the user is redirected to the redirect URL provided. The redirecturl must be a full URL that includes http(s)://. If this tag is not included, the system will perform whatever function it normally performs when a user is early. [[late=redirecturl,minutes]] - Provide a number of minutes in this tag, and if the user is late to the meeting by that specified number of minutes, the user is redirected to the redirect URL

provided. The redirecturl must be a full URL that includes http(s)://. If this tag is not included, the system will perform whatever function it normally performs when a user is late. NOTE: Each client database has a setting accessible by administrators in administration settings for whether the system should checks times. The above tags only apply if that setting is switched to on. If the setting is off, the the system assumes that the user should have direct access to the meeting room. [[allowarchive=true,days]] - Provide a number of days that specifies, if a user is late to a meeting, but within the provided number of days, a message is displayed notifying the user they are late. If the user is late to the meeting outside of the specified number of days, the system will check for an archive of the meeting and direct the user to the archive or recording of the meeting. I f there are multiple recordings available, the system will refer the user to the most recent recording. A day is defined as 24 hours and the tag only accepts day calculations (hours or minutes are not allowed. However,.5 could be entered as a ½ day value). The tag can also be displayed [[allowarchive=false,days]] which is the equivalent to not using the tag. [[domain=domain1,domain2...]] - Provide a list of domains separated by a comma and the system will only allow users access to the meeting room if their domain matches the list of designated domains. This tag only applies to the email field in the guest form. The tag does not notify the user which domains are approved. [[denyguests=true]] / [[allowguests=true]] - There is a default setting for each client specifying whether guests are allowed or not allowed within meeting rooms. These tags are used to reverse that system default. If these tags are not present, then the system will default to the system setting. [[private=true]] - Use this tag to deny access to a meeting room unless a user is specifically added to the Adobe Connect group allowing access to the meeting room. Standard practice dictates that without the use of this tag, users are created (if they don t exist) and added to the meeting room group. If the tag is applied, then users not in the group are not allowed to access the meeting room. If a user has the meeting room URL, but is not specifically added to the associated group, (and the tag is applied), the user is added to Adobe Connect, but not the group and is prevented from accessing the meeting room.

[[theme=lookandfeel1]] - If a client has more than one theme available, the theme defined among meeting rooms can be set using this tab. The meeting room s URL would display the selected theme designated in the tag. Refined Data creates the theme in the client s database. [[forcebrowser=true]] - If this tag is added, the meeting room URL will add the suffix launcher=false, forcing the meeting room to launch in a browser. This tag overrides any individual user s use of the add-in. [[denyauth=google, linkedin, ]] / [[allowauth=google, linkedin, ]] - On a per meeting basis, specify the allowed SSO options for authentication by listing them in the tag separated by commas.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback