Set up SSO authentication

This section provides details on how to set up SSO authentication for connecting to the system.

In this topic:

SSO authentication overview

Single sign-on (SSO) is an authentication process that allows users to access multiple applications using a single username and password. With the SSO solution, you no longer need to enter your username and password repeatedly when switching between applications.

Note:  

  • Due to the security control of your browser, you may experience issues logging in to an SSO environment. To avoid the issues, OpenText recommends that you enable TLS connections. For details about enabling TLS connections, see the installation guide.

  • For CAC (Common Access Card) and SiteMinder authentication, see the External Authentication Configuration Guide.

  • If you upgrade to 25.1 from an earlier version with SSO enabled, ensure SSO still works by re-deploying the SSO components after the upgrade. For details, see Components preparation.

SSO is supported through SAML 2.0 and OpenText Application Quality Management acts as a service provider (SP). Alternatively, it supports SSO through OpenID Connect (OIDC) and acts as a relying party (RP). To let OpenText Application Quality Management act as an identity provider (IdP), you must implement a federation service with the federation protocol of SAML 2.0 or OIDC.

The SSO solution works as follows:

  1. A user logs in to an application that can serve as an identity provider (IdP).
  2. The user requests access to an OpenText Application Quality Management resource.

  3. An authentication request is sent to the IdP to obtain the user information. With the user information, The Identity Key and IDP ID of the IdP user are used to find a matching user in OpenText Application Quality Management.

    Scenario Details
    A matching user exists

    If the matching user exists, the IdP user is authorized.
    No matching user exists

    If no matching user is found, the IdP user is not authorized and cannot log in.

    If auto user-provisioning is enabled, the auto user provisioning process is run to create or find a matching user in OpenText Application Quality Management. For details, see User auto provisioning .

Back to top

SSO Configuration wizard

The SSO Configuration wizard enables you to set up SSO authentication by following step-by-step on-screen guidance.

To open the SSO Configuration wizard, from Site Administration, click Tools > SSO Configuration.

Note: The SSO Configuration wizard does not support the Internet Explorer browser.

The SSO configuration process involves the following steps:

  1. Preparation

  2. Configure service provider

  3. Configure identity provider

  4. Set up your profile

  5. Validate identity provider and enable SSO

Back to top