Need Help? We are right here!
Thanks for your Enquiry. Our team will soon reach out to you.
If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com
Search Results:
×miniOrange supports Single Sign-on into your apps, to securely login for admins and users. miniOrange supports several different protocols for your applications, such as SAML, WS-FED, OAuth, OIDC, JWT, RADIUS, etc. Using Single Sign-on, users can use one set of credentials to login to multiple applications. This improves security, as it reduces avenues for phishing attacks, and also improves access to your application.
OAuth (Open Authorization) is an open standard for token-based authentication and authorization. OAuth allows an end-user's account information to be used by third-party services, such as Facebook, without exposing the user's password. It acts as an intermediary on behalf of the end-user, providing the service with an access token that authorizes specific account information to be shared. miniOrange provides a solution to perform single sign-on(SSO) for applications supporting OAuth protocol, like Salesforce, WordPress, Joomla, Atlassian, Azure AD, Reddit, Spotify, Paypal, WHMCS, Slack, Discord, etc.
Display Name | Enter the Display Name (i.e., the name for this application). |
Redirect URL | Enter the Redirect URL. Make sure it follows this format: https://<mycompany.domain-name.com> |
Client ID | Auto-generated. Click the copy icon to use it in your application. |
Client Secret | Client Secret is hidden by default. Click the eye icon to reveal it and use the clipboard icon to copy it. |
Subject (Optional) | Select an attribute from the dropdown list. |
Description (Optional) | Add a description if required. |
Upload App Logo (Optional) | Upload an app logo (Optional). The app will be shown in the end-user dashboard with the logo that you configure here. |
Group Name | Select the group for which you wish to add a this policy. For multiple groups, you can click here to add a multiple/separate policies for each group. |
Policy Name | You can give a name for the authentication policy. |
First Factor | Select the login method as Password and Password-less. You can enable 2-Factor Authentication (MFA), Adaptive Authentication and Force MFA On Each Login Attempt if required. |
Primary Identity Provider | Select the default ID source from the dropdown for the application. If not selected, users will see the default login screen and can choose their own IDP. [Choose miniOrange in this case.] |
SSO FLows | Select the desired SSO flow from the dropdown, such as miniOrange as IDP, miniOrange as Broker, or miniOrange as Broker with Discovery Flow. |
Show on Enduser Dashboard | Enable this option if you want to show this app in the end-user dashboard. |
Force Authentication | If you enable this option, users will have to log in every time, even if their session already exists. |
Allowed Logout URIs | Click the Allowed Logout URIs link to add a list of post-logout redirect URIs. Users will be redirected to one of these URIs after a successful logout from miniOrange. |
Single Logout Enabled | Enable this option to send logout requests to other applications when logging out from this app. |
Sign in URL | You can include user attributes in the sign-in URL using placeholders like {{username}}, {{primaryEmail}}, {{customAttribute1}}, etc. These placeholders will be dynamically replaced with the actual user values during the IdP-initiated SSO flow. You can generate url using following attributes: username, primaryEmail, alternateEmail, fname, lname, primaryPhone and customAttribute1. The url could be like this https://<sso-url>>?username={{username}}
https://<sso-url>>?username={{username}}&email={{primaryEmail}} https://<sso-url>>/{{customAttribute1}}/{{customAttribute2}}/?username={{username}} |
iss | https URI that indicates the issuer |
sub | identifier of the user at the issuer |
aud | client_id of the requesting client |
nonce | the nonce parameter value received from the client |
exp | expiration time of this token |
iat | time when this token was issued |
auth_time | time the authentication happened |
at_hash | the first half of a hash of the access token |