Examples of using Single Sign-On technology
How to create a user account on first login
If a user has an account within the corporate domain, there is no need to create new account for each resource. User only needs to enter account credentials and:
-
If there is a user with the same login in the domain, bpm’online will create a contact and an account for the new user.
-
Contact data will be filled according to the [SAML field name converters to contact field name] lookup settings.
-
A new account will obtain organizational and functional roles that are similar to its domain roles.
Note
Automated creation of the user is configured after the Single Sign-On configuration and can be disabled.
How to log in on several resources
When you authenticate in one of the identity provider resources, the authentication to other provider resources will be automatic. The user does not need to enter their login and password to sign in to other applications.
How to log out from all resources
All services and applications will receive a request to end your current session after you exit one of the resources. All resources and applications will log out the corresponding user (Fig. 1).
Fig. 1 Logging out from several resources via a single identity provider
See also
