ION Factory OS
  • Welcome to ION
  • Features
    • Procedures
      • Steps
        • Content
        • Datagrid
        • Fields
        • Attributes
      • Dependencies
      • Part-Procedure Relationship
      • Attributes
      • Standard Steps
      • Installation Requirements (Beta)
      • Nested Steps and Nested Standard Steps
      • Procedure Best Practices
    • Runs
      • Run Execution Overview
      • Runs And Step States
      • Batching Runs
        • Batching 2.0 Changes
      • Workcenter execution
      • Split Inventory on a Run
      • Redlines
      • Export run data
      • Scheduling runs
      • Time Tracking
      • Attributes
      • Outside Processing
      • Runs Best Practices
    • Parts Library
      • As-built Bill of Materials (aBOM)
        • Editing aBOM build requirements
        • aBOM Beta Changes
          • aBOM actions for developers
      • Inventory
        • Inventory status
        • Inventory splitting
        • Inventory merging
        • Inventory scrapping
        • Kitting
        • Inventory Movement Automations
      • Manufacturing bill of materials (mBOM)
        • mBOM versions
        • Made on Assembly (MOA)
        • Part Substitutes
        • Reference designators
      • Part Attributes
      • Part revision interchangeability
      • Supplier Part Numbers & Purchase Unit Conversions
    • Kitting and Inventory Fulfilment
      • Kit Statuses and Workflows
      • Inventory requests
      • Kitting and runs
      • Fulfilling Multiple Kits
      • Kanban Kitting
    • Purchasing
      • Purchase Orders
        • Types of Purchases
        • Purchase Order Approvals
        • Purchase Order FAQs
        • Supplier Part Numbers & Unit Conversions
        • PO Requirements, Terms, and Quality Clauses
      • Receiving/Inspection
      • Outside Processing
      • Consigned Parts
    • Barcode Labels
      • Templating
        • ION barcode minimum sizes
        • Sample templates
      • Printing
        • Configuring Zebra Browser Print
        • Server Based Barcode Printing (PrintNode)
      • Scanning
        • Scan barcodes from other systems
    • Quality
      • Issues
      • Further Actions - CAPA
      • Issues States, Dispositions, and Resolutions
      • Quality Best Practices
    • Tools
    • Locations
    • Attributes
    • Labels
      • Deleting labels
    • Notifications
    • Search
    • Settings
      • Role based access control
        • Full Glossary of ION Permissions
    • ION Actions
      • ION Actions examples for Quality
      • ION Actions examples for Runs and Procedures
      • ION ACTIONS examples for Supply Chain
  • Analytics
    • Inventory valuation
    • Part impact analysis
    • Users, Roles, Teams
    • Analytics FAQ
    • Data Connector
    • Data Products
  • Plans and Autoplan
    • Autoplan
    • Autoplan glossary
    • Preparing to use Autoplan
    • Clear to build reporting
    • Running Autoplan on a schedule
    • Firm and blocked plan items
    • Location constraints
    • Autoplan suggested suppliers and procedures
    • Reorder point
    • Plan input serial numbers
    • Applying a calendar
    • Plan Reservations
    • Independent schedules
    • Drive demand from kits
    • Drive demand below buy parts configuration
    • Group plan items with the same date
    • Manualy Changing Autoplan Status
  • API
    • How to create an App with ION
    • Access Tokens
    • About GraphQL
    • Interactive API explorer
    • API Keys
    • Examples
      • Notifications
      • Runs
      • Automatically updating fields in runs
      • Parts and Part Revisioning
      • mBOMs
      • Part Inventory and Kitting
      • aBOM (As-built Bill of Materials)
      • Edit time-tracking session data
    • Changelog
    • Webhooks
    • Pagination
  • Automations
    • Auto-checkout of Run Steps
    • Auto-Consumption of Lineside Inventory
    • Automatically Send Purchases to Suppliers
    • Set Close by Run Step on Issue Creation
    • Intent Management / Grade / Tier / Pedigree
      • Data Imprinting
      • ION Actions for Intent
    • Auto-Update mBOM Revision on Part Revision Update
    • Auto-approve part-procedure relationships
    • Purchase Order PDF and Versions
    • Auto Populate PO Line Attributes
    • Imprint Attributes from One Object to Another on a Desired Event
  • Integrations
    • Deploying Integrations and Automations
    • Arena
    • Cofactr
    • Datum
    • Duro
    • NetSuite
      • Purchasing in NetSuite, Receiving in ION
      • Work Order/Assembly Builds
    • Procurable
    • PDF Generator
    • Quickbooks
    • Ramp
    • Silkline Integration
    • Slack
    • Smartsheet
    • SOLIDWORKS
    • Teamcenter
  • Training
    • Standard Operating Procedures
      • Cycle Counting
      • Tool Utilization
    • Guided Flows
    • ION Sandbox
    • Chat Support for ION
  • Troubleshooting
    • Resetting your password
    • Resetting your Multi-Factor Authentication
    • You have no roles... error
  • Changelog
  • Adminstration
    • Security
      • Backups and Security FAQ
      • Single Sign-On (SSO)
        • Okta SAML connection setup
      • Export Control
      • Report Generator Disclaimer
    • Browser and Device Compatibility
    • Authentication
      • My company is new to ION, logging in for the first time.
      • I'm told I'm not authorized to access the application
      • My account has been deactivated
    • Login Page
  • Tickets Portal
Powered by GitBook
On this page
  • Azure AD
  • 1. Open a support ticket and provide your domain information
  • 2. Register the application in your AD
  • 3. Confirm credential exchange and test connection
  • ADFS
  • 1. Open a support ticket
  • 2. Set up ADFS using provided values

Was this helpful?

  1. Adminstration
  2. Security

Single Sign-On (SSO)

PreviousBackups and Security FAQNextOkta SAML connection setup

Last updated 7 months ago

Was this helpful?

Setting up SSO with ION allows you to provision and de-provision users in ION automatically. Company employees will be able to login to ION for the first time using SSO and that will create a user profile for them with the User role. There, admins can grant them any additional roles. In addition, when a user is de-provisioned from SSO, the user will be deactivated automatically in ION.

Azure AD

1. Open a support ticket and provide your domain information

You can set up your organization to sign in to ion using your Azure AD. First Resonance support with the following information and follow the subsequent steps to confirm your connection.

  • Your Azure AD Domain address (e.g. firstresonance.onmicrosoft.com)

  • A list of email domains that should be enabled with login to ION (@acme.com, @acme.io, @acmeindustries.com, etc). Any of the emails with these associated domains will trigger the ION authentication flow to authenticate with your AD.

2. Register the application in your AD

  • In your Azure AD panel, go to Azure Active Directory → App Registrations → New Application.

  • (Optional) For supported account types, select the domain that you prefer for your Azure AD services

  • Enter the below line as a Web type for Redirect URI:

  • Take note of the client ID and client secret values

  • Send the values to the First Resonance support team.

3. Confirm credential exchange and test connection

Once the support ticket confirms, test your connection by going to the application. Signing in with your provided domains, users should be able to type in their Azure-associated email address and see something similar to this before completing authentication with your Azure AD identity provider;

ADFS

1. Open a support ticket

Open a support ticket with First Resonance, as described in the Azure AD section above

2. Set up ADFS using provided values

The values required for First Resonance authentication are as follows:

  • Realm Identifier: urn:auth0:firstresonance

  • Endpoint: https://firstresonance.auth0.com/login/callback

Follow the instructions for manual set up, per Auth0's documentation here:

Contact
https://firstresonance.auth0.com/login/callback
https://auth0.com/docs/connections/enterprise/adfs
Single Sign-On redirect enabled for SSO domains