miniOrange provides secure access to Quandora for enterprises and full control over access of application. Single Sign On (SSO) into Quandora with one set of login credentials.
miniOrange supports both IdP (Identity Provider) and SP (Service Provider) initiated Single Sign On (SSO)
Follow the Step-by-Step Guide given below for Quandora Single Sign On (SSO)
Step 1: Configure SSO for Quandora
- Login to your Quandora domain as the Account Administrator.
- Go to Manage Domain.
- In the left pane, go to SAML2 Login.
- Save the relay state shown in red for further use.
- In the Identity Provider Metadata section, select Copy/Paste IdP Metadata.
- For downloading the miniOrange Metadata, Contact Us.
- Open the downloaded metadata in notepad and copy the content in Metadata XML.
- In the Attribute Mappings section, enter FirstName in the First Name field and LastName in the Last Name field.
- Click Save Changes to save the SAML SSO settings.
- Click the Enable Single-Sign-On toggle button to turn it ON.
- Login to miniOrange Admin Console.
- Go to Apps >> Manage Apps. Click Configure Apps button.
- Click on SAML tab. Select Quandora.
- Make sure the SP Entity ID or Issuer is: https://app.quandora.com/auth/sso.
- Make sure the ACS URL is: https://app.quandora.com/auth/sso
- In the Relay State field, copy the relay state saved earlier.
- In the Attributes section, enter the value FirstName in the Attribute Name field and select the First Name from the Attribute Value list.
- Click on the '+' icon beside Add Attributes to add another set of attributes and enter the value LastName in the Attribute Name field and select the Last Name from the Attribute Value list.
- Click on Save to configure Quandora.
Step 2: Create a policy for Quandora
- Login to miniOrange Admin Console.
- Go to Policies >> App Authentication Policy.
- Add a new policy for Quandora.
- Select Quandora from Application dropdown.
- Select a Group Name from the dropdown - the group for which you want to add Quandora policy.
- Give a policy name for Quandora in the Policy Name field.
- Select the First Factor Type for authentication.
- Enable Second Factor for authentication if required.
- Click on Save button to add policy for Quandora Single Sign On (SSO).
- Now click on Onboard users into our system from View Policy Tab.
Step 3: Onboard users into our system.
- Click on Users >> Add User.
- Here, fill the user details without the password and then click on the Create User button.
- Click on On Boarding Status tab. Check the email, with the registered e-mail id and select action Send Activation Mail with Password Reset Link from Select Action dropdown list and then click on Apply button.
- Now, Open your email id. Open the mail you get from miniOrange and then click on the link to set your account password.
- On the next screen, enter the password and confirm password and then click on the Reset Password button.
- Now, you can log in into miniOrange account by entering your credentials.
Step 4: Login to miniOrange Account
- Go to miniOrange dashboard and select the User Dashboard from the right side menu.
- Click on Quandora application which you added, to verify your sso configuration.
Using Two Factor Authentication for Quandora
The most practical way to strengthen authentication is to require a second factor after the username/password stage. Since a password is something that a user knows, ensuring that the user also has something or using biometrics thwarts attackers that steal or gain access to passwords.
Traditional two-factor authentication solutions use hardware tokens (or "fobs") that users carry on their keychains. These tokens generate one-time passwords for the second stage of the login process. However, hardware tokens can cost up to $40 each. It takes time and effort to distribute them, tracks who has which one, and replace them when they break. They're easy to lose, hard to use, and users consistently report high levels of frustration with token-based systems.