Clarizen is a scalable enterprise software for collaborative work management. It provides features like cross-company project management, configurable workflow automation, in-context collaboration and a tailored, role-based experience, all built on a secure platform.
miniOrange provides secure access to Clarizen for enterprises and full control over access to the application. Single Sign On (SSO) into Clarizen with one set of login credentials.
miniOrange supports both IdP (Identity Provider) and SP (Service Provider) initiated Single Sign On (SSO)
Follow the Step-by-Step Guide given below for Clarizen Single Sign On (SSO)
Step 1: Configure SSO for Clarizen
- Login to miniOrange Admin Console.
- Go to Apps >> Manage Apps. Click Configure Apps button.
- Click on SAML tab. Select Clarizen.
- Enter the SP Entity ID or Issuer as https://app2.clarizen.com/Clarizen/Pages/Integrations/SAML/SamlResponse.aspx.
- Enter the ACS URL as https://app2.clarizen.com/Clarizen/Pages/Integrations/SAML/SamlResponse.aspx
- Enable Override RelayState.
- You can set another value for relay state depending on where you want to redirect the user after SSO.
- Leave the Attributes section empty.
- Add a new policy for Clarizen.
Click on Save to configure Clarizen.
Click on Metadata link to download the metadata which will be required later. Click on Link to see the IDP initiated SSO link for Clarizen.
Click on Download Metadata button to download the metadata which you will require later.
- Select a Group Name from the dropdown - the group for which you want to add Clarizen policy.
- Give a policy name for Clarizen in the Policy Name field.
- Select the First Factor Type for authentication.
- Enable Second Factor for authentication if required.
Step 2: Configure Clarizen for miniOrange
- Login to your Clarizen domain as the Account Administrator.
- Under the Navigation bar, click on the Settings tab.
- Go to Global Settings and under the Organization Settings section, click on the edit... link beside Federated Authentication.
- In the Federated Authentication pop-up that opens up, click on to check the Enable Federated Authentication option and enter the details as shown:
|Certificate||Select the Certificate downloaded earlier.|
|Name ID Format||SAML:1.1 Unspecified|
|Enable Password Authentication||Select according to your requirements.|
|Use POST||Tick the Use HTTP POST Binding option.|
- Leave all the other options unchecked.
- Save the URL given in the option: To Login via SSO.
- Click on Save to save the SAML SSO Settings.
Step 3: Onboard users into our system
- Click on Users >> Add User.
- Here, fill the user details without the password and then click on the Create User button.
- Click on On Boarding Status tab. Check the email, with the registered e-mail id and select action Send Activation Mail with Password Reset Link from Select Action dropdown list and then click on Apply button.
- Now, Open your email id. Open the mail you get from miniOrange and then click on the link to set your account password.
- On the next screen, enter the password and confirm password and then click on the Reset Password button.
- Now, you can log in into miniOrange account by entering your credentials.
Step 4: Login to miniOrange Account
- Go to miniOrange dashboard and select the User Dashboard from the right side menu.
- Click on Clarizen application which you added, to verify your sso configuration.
Using Two Factor Authentication for Clarizen
The most practical way to strengthen authentication is to require a second factor after the username/password stage. Since a password is something that a user knows, ensuring that the user also has something or using biometrics thwarts attackers that steal or gain access to passwords.
Traditional two-factor authentication solutions use hardware tokens (or "fobs") that users carry on their keychains. These tokens generate one-time passwords for the second stage of the login process. However, hardware tokens can cost up to $40 each. It takes time and effort to distribute them, tracks who has which one, and replace them when they break. They're easy to lose, hard to use, and users consistently report high levels of frustration with token-based systems.
For further details refer :
Guide For Single Sign On (SSO)
Clarizen SAML SSO