Workplace is a tool which allows users to communicate and collaborate across desktop and mobile. It provides features such as groups, chat and video calls.
miniOrange provides secure access to workplace for enterprises and full control over access to the workplace application. Single Sign On (SSO) into your workplace Account with one set of login credentials.
miniOrange supports both IdP (Identity Provider) and SP (Service Provider) initiated Single Sign On (SSO)
Follow the Step-by-Step Guide given below for workplace Single Sign On (SSO).
Step 1: Configure Single Sign On (SSO) Settings for workplace
- Log in as a customer from the Admin Console of miniOrange's Administrator Console, now go to Apps -> Manage Apps.
- Click on Configure Apps and select the Application Name workplace(SAML) App from the drop-down menu.
- Enter the SP Entity ID or Issuer as https://www.facebook.com/company/[your-company-id].
- Enter the ACS URL as [https://your-company-name].facebook.com/work/saml.php.
- It is not compulsory to insert any URL in Single Logout URL section.
- Click on Advanced Settings. Relay State section could be kept empty.
- Leave the Attributes section empty.
- Add a new policy for the workplace.
- Select the workplace from Application dropdown.
- Select a Group Name from the dropdown - the group for which you want to add workplace policy.
- Give a policy name for the workplace in the Policy Name field.
- Select the First Factor Type for authentication.
- Enable Second Factor for authentication if required.
- Click on Save button to add policy for workplace Single Sign On (SSO).
- Click on Save to configure workplace.
- Click on Metadata link to download the metadata which will be required later. Click on Link to see the IDP initiated SSO link for Workplace.
- Keep SAML Login URL and IdP Entity ID or Issuer and click on the Download Certificate which you will require in Step 4.
- Now click on Onboard users into our system from View Policy Tab.
Step 2: Onboard users into our system
- Click on Users >> Add User.
- Here, fill the user details without the password and then click on the Create User button.
- Click on On Boarding Status tab. Check the email, with the registered e-mail id and select action Send Activation Mail with Password Reset Link from Select Action dropdown list and then click on Apply button.
- Now, Open your email id. Open the mail you get from miniOrange and then click on the link to set your account password.
- On the next screen, enter the password and confirm password and then click on the Reset Password button.
- Now, you can log in into miniOrange account by entering your credentials.
Step 3: Login to miniOrange Account
- Go to miniOrange dashboard and select the User Dashboard from the right side menu.
- Click on Workplace application which you added, to verify your sso configuration.
Step 4: Setup Single Sign On for your domain in the workplace
- In the Company Dashboard, go to the Authentication tab.
- Under SAML Authentication, select SSO Only from the drop-down list.
- Input the values of miniorange IdP into the corresponding fields as given below:
- Enter SAML URL: Enter SAML URL value that you got from Step 1.
- Enter the SAML Issuer URL: Enter SAML Issuer URL value that you got from Step 1.
- Enter SAML Certificate: You may need to open up the downloaded certificate in a text editor in order to copy/paste this into the field
- Depending on miniorange IdP, you may need to enter the Audience URL:(not compulsory), Recipient URL:(not compulsory) and ACS (Assertion Consumer Service) URL listed under the SAML Configuration section in the workplace.
- Scroll to the bottom of the section and click the Test SSO button. This will result in a pop-up window appearing with miniOrange IdP login page presented. Enter your credentials in as normal to authenticate.
Troubleshooting: Ensure the email address being returned back from miniorange IdP is the same as the Workplace account you are logged in with.
- Once the test has been completed successfully, scroll to the bottom of the page and click the Save button.
- All users using workplace will now be presented with miniOrange IdP login page for authentication.
Step 5: Now sign in to your workplace account with miniOrange IdP by either of the two steps:
1. Using SP initiated login :-
- Go to https://[your-company-name].facebook.com, enter your Email Address and click on Login. Now you will be redirected to miniOrange IdP Sign On Page.
- Enter your miniOrange login credential and click on Login. You will be automatically logged in to your workplace account.
2. Using IdP initiated login :-
- Login to your miniOrange Self Service Console as an End User and click on the workplace icon on your Dashboard.
For Further Details:
Guide For Single Sign On (SSO)
Workplace SAML Configuration