1. AWS Simpplr
  2. Integrations and APIs
  3. SSO Integrations

OpenID Connect (OIDC) SSO Configuration with Simpplr

Avatar
Matthew Rawls
Follow


OIDC 1.jpg

Overview

As part of our ongoing efforts to provide flexible and secure authentication options, we are excited to announce the integration of OpenID Connect (OIDC) Single Sign-On (SSO) alongside our existing SAML 2.0 SSO capabilities. This dual SSO support enhances the ability of our customers to seamlessly integrate with a wider range of Identity Providers (IdPs).

Now, our customers can choose between using SAML 2.0 or OIDC for authentication, depending on their specific requirements and the type of Identity provider they use.

SAML vs OIDC

Both SAML and OIDC provide the same core Single Sign-On (SSO) functionality, meaning they both allow you to log in once and then access multiple services or apps without needing to enter your credentials again. The difference lies only in how these two are set up and how the protocols work behind the scenes.

Check out this page to learn more about SAML SSO.

We provide multiple SSO support both SAML and OIDC.

Key highlights

Supported SSO providers

  • Simpplr supports OIDC SSO integration with:

    • Okta

    • Microsoft Entra

    • OneLogin

    • Google

    • custom SSO

Workday doesn't support OIDC.

  • With multiple SSOs, any combination of multiple SSOs and multiple instances of any SSO can be configured.

  • There is a limit of 15 SSOs that can be added at a time.

Adding a new SSO

  • SSOs can be added at Manage > Application > Security > External IdP (SSO).

  • App managers can select the SSO from the available options.
    OIDC 2.jpg

  • Once the SSO provider is selected, configuration needs to be done by adding all the required fields.



     

  • Once the SSO setup is done, a few ready-only fields are generated. These fields must be configured back in the provider account in order to complete the integration.
    oidc 3.jpg

Log in with OIDC SSO

  • Configured OIDC SSOs are available on login page.

  • User can authenticate and log in with SSO by providing the valid credentials.
    oidc 4.jpg

Just-in time provisioning by multiple SSOs

  • Provisioning of users can be done within these multiple SSOs by enabling the setting.

  • If enabled, user logging in via SSO would be provisioned in real time.

  • This option is available inside the Add/Edit SSO form.<>
    oidc 5.jpg </>

Different actions on SSO

  • Admin can edit, disable, enable and delete any of the added SSOs.

  • 'Edit' option is used to update the SSO details.

  • 'Disable' option is used to temporarily disable the login and provisioning of users through that SSO. Configuration settings would be retained.

  • 'Delete' option is used to permanently disable the login and provisioning of users through that SSO.
    OIDC 2.jpg

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.

Articles in this section