Skip to main content
Version: Early Access

How to start the SSO (Single Sign-On) Process for Hosted Customers (SaaS)?

Starting October 19, 2022, you can connect your corporate identity provider to using the Platform's Identity service. Once connected, Platform will act as an identity broker between your IdP (Identity Provider) and , allowing your users to securely access all products and the support, documentation, and community portals using the same credentials they use throughout your enterprise.
If you have not yet migrated your single sign-on (SSO) and user management to the Platform and want to do so, write to support@digital.ai for assistance.
If you are already using the Platform for SSO and want to learn more about the Identity service, click here. If you have any further questions, please reach out to your contact or write to support@digital.ai.

For customers that host their instance on Digital.ai Agility servers, there is an option for Single Sign On. In order to start the process to configure SSO on your instance, please contact Digital.ai Agility Support and you will receive detailed instructions to start the process.

In order to get started, we will need to schedule a quick introductory call between our production support team and a networking/security individual that is responsible for your SSO Identity Provider (IdP) configuration.

Digital.ai Agility's Service Provider (SP) uses PingIdentity's PingFederate server, and we currently support the following SAML 2.0 profiles: IdP-Initiated POST and SP-initiated POST/POST & Redirect/POST.

To add the Digital.ai Agility Service Provider (SP) to your Identity Provider (IdP), we’ll provide our SAML 2.0 metadata file for import, as well as guidance on relaystate. The metadata file contains URL endpoints and all necessary public keys.

To configure the Digital.ai Agility Service Provider (SP) for your instance of Agility, we’ll need your Identity Provider (IdP) SAML 2.0 metadata file, including any public keys used for signing or encryption (either in the metadata or separately). We will also need to understand the attribute contract used to map an attribute to the Agility username (e.g. SAML_SUBJECT), and how signing and encryption need to be configured.

In addition to SAML configuration on both sides, the application’s usernames need to be updated to match those passed in the attribute contract, and all integrations need to be updated to use SAML SSO authentication to access the API.

All of this info will be discussed in the initial setup call. Please contact support@digital.ai to begin the process.

Tags:
Last updated on