Configuring Repository SSO
- 28 Jun 2022
- 1 Minute to read
- Print
- DarkLight
This documentation version is deprecated, please click here for the latest version.
Configuring Repository SSO
- Updated on 28 Jun 2022
- 1 Minute to read
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback
Overview
The following document covers how to set up Single Sign On for a Repository Server and connected environments. For users to Commit or Checkout changes to and from the Repository, they would need to have an account created on the Repository. If no matching account is found, an invalid access error will occur.
When SSO is configured correctly, an account will be created if there is no matching account after running the Commit/Checkout actions, bypassing the need to manually create logins for every user.
Prerequisites
- SSO must be configured and set up for the environments. If this still needs to be done refer to Single Sign-On With SAML.
- Note that SSO must be set up for both Client and Repository servers. The SSO setup for each server must be identical and use the same SSO protocol, such as SAML or OpenID.
- Repository SSO on a Multi-Tenant environment is NOT supported. Users may continue using SSO to sign in to the client environments but need to use local accounts on the Repository to perform repository-related actions.
Configuring SSO for Clients
- In the client environment, navigate to System > Settings > Designer Repository Settings.
- Under SSO PROXY, check the Use Authentication SSO Proxy box.
- Set a desired user-declared string value to SSO Authentication Key. This must match in both the Repository and for client environments.
- Verify that the Repository Server URL matches the IP or DNS Name of the Repository Server.
- Click SAVE SETTINGS.
Configuring SSO in the Repository
- In the Repository Server, and then to System > Settings > Designer Repository Server Settings.
- Check Use Authentication SSO Proxy, then under Allowed Clients, click Add New.
- From the Add Allowed Clients screen input the Client IP Address, the user-defined Authentication Key, and the Client Portal Base URL for client environments. Any connected environments using the Repository must have an entry added.
Setting Name Purpose Client IP Address IP address of the Server that will be accessing the Repository Authentication Key User declared key on the Client server Client Base Portal URL Base Portal URL of the Server accessing the repository - Click OK then SAVE SETTINGS. Once these settings have been configured, users will be able to interface with the Repository without getting prompted for a username or password.
For further information on Repository, visit the Decisions Forum.
Was this article helpful?