SAML 2.0

SmartIQ supports SAML 2.0 allowing a nominated identity provider enabling Single Sign-On (SSO) between SmartIQ Manage and Produce and other service providers.

When configured correctly, when navigating to SmartIQ a request is sent to the identity provider via HTTP-POST. The identity provider will determine whether the user has already been authenticated or requires login. Regardless after a successful login has occurred a response is sent to SmartIQ containing the user’s username (referred to as NameId which is a required field) and optionally other user profile information (name, email, address, group memberships, etc.). The response must be signed so that SmartIQ knows it is from a trustworthy source.

To set up SAML 2.0 for SmartIQ, do the following:

1. Set up your identity provider's settings:

• Okta
• Azure Active Directory

2. Configure SmartIQ SAML Settings

👍

Best Practice

If you need to have multiple methods for authentication use a provider that supports federated identity management