Single Sign-On Configuration Guide

Overview

This guide outlines the steps you will follow to configure Single Sign-On (SSO) to TeamForm from your nominated Identity Provider (IdP). SSO is a feature provided with the Adaptive Security add-on and is our (and probably your) preferred authentication method, providing a higher level of security and control with lower administrative overhead.

Once configured, customer administrators have the ability to add users into authorisation groups based on their role within TeamForm. We recommend that all individuals within an organisation are members of the lowest authorisation group by default, thus enabling authenticated but read-only access to core TeamForm features.

TeamForm access groups

• At a high level this is directory, power, reporting and admin

• Further information on access groups here: Access Groups and User-Based Access Controls

It’s not complicated, it is a multi-step process

Successfully configuring TeamForm with SSO is a straightforward but multi-step process to configure and test each party’s side of the connection. For example:

• We will provide you with a custom Entity ID and URL specific to you to configure your IdP for TeamForm

• You will provide us with details of the Signing Certificate and user authorisation groups so that we can correctly configure your TeamForm authentication

Once the SSO connection is configured, we will then ask you to test authentication to TeamForm.

IdP Configuration Guides

We support SAML, the most common standard for federated identity.

The following links outline the step-by-step process to follow for the following common IdPs:

• Configuring SSO to TeamForm from Azure AD

• Google Auth, Okta, LogMeIn and Other SAML or OAuth IdP - please contact your representative or raise a request via Jira Service Management

Related articles