Single Sign-On (SSO)
Setting up SSO with ION allows you to provision and de-provision users in ION automatically. Company employees will be able to login to ION for the first time using SSO and that will create a user profile for them with the User role. There, admins can grant them any additional roles. In addition, when a user is de-provisioned from SSO, the user will be deactivated automatically in ION.
Azure AD
1. Open a support ticket and provide your domain information
You can set up your organization to sign in to ion using your Azure AD. Contact First Resonance support with the following information and follow the subsequent steps to confirm your connection.
Your Azure AD Domain address (e.g. firstresonance.onmicrosoft.com)
A list of email domains that should be enabled with login to ION (@acme.com, @acme.io, @acmeindustries.com, etc). Any of the emails with these associated domains will trigger the ION authentication flow to authenticate with your AD.
2. Register the application in your AD
In your Azure AD panel, go to Azure Active Directory → App Registrations → New Application.
(Optional) For supported account types, select the domain that you prefer for your Azure AD services
Enter the below line as a Web type for Redirect URI:
https://firstresonance.auth0.com/login/callbackTake note of the client ID and client secret values
Send the values to the First Resonance support team.
3. Confirm credential exchange and test connection
Once the support ticket confirms, test your connection by going to the application. Signing in with your provided domains, users should be able to type in their Azure-associated email address and see something similar to this before completing authentication with your Azure AD identity provider;
ADFS
1. Open a support ticket
Open a support ticket with First Resonance, as described in the Azure AD section above
2. Set up ADFS using provided values
Follow the instructions for manual set up, per Auth0's documentation here: https://auth0.com/docs/connections/enterprise/adfs
The values required for First Resonance authentication are as follows:
Realm Identifier:
urn:auth0:firstresonanceEndpoint:
https://firstresonance.auth0.com/login/callback
Last updated
