INSZoom - How to setup Single Sign-On (SSO)
How to set up Single Sign-On (SSO)?
This article explains how to enable and implement SSO for your firm.
Introduction
With so many applications being used, it's difficult for a firm or a corporation to do user management across all applications as well as it is difficult for a user to remember access credentials across all applications. Single Sign-On helps in providing a unified authentication mechanism for access management.
With data security and privacy becoming increasingly important, it is important that only the trusted user has access to his/her data. Single Sign-on brings in that trust factor.
For a law firm working with multiple corporations, it's hard to do user management for corp users and their employees. Single Sign-On can help leverage the corporation’s network authentication to connect to INSZoom and help ease user management.
NOTE: Single Sign-On (SSO) is not currently compatible with our Zoomee Virtual Assistant (aka ZoomeeBot) offering.
What is SSO?
Single Sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (for example, username and password) to access multiple applications. The service authenticates the end user for all the applications the user has been given rights to and eliminates further prompts when the user switches applications during the same session. For INSZoom, Single Sign-On (SSO) lets users access the INSZoom application and other applications with a single set of login credentials (for example, username and password). This allows for validating the usernames and passwords with the firm’s database or other Corporate apps managing the user authentication.
INSZoom supports SAML 2.0 and ADFS (with SAML 2.0) as Single Sign-On methods that can be configured on the firm’s internal site. This allows Lawfirms/Corporations to securely pass authenticated users along with the INSZoom application for safe single sign-on entry verification and seamlessly integrate application handoff.
What does it offer?
It offers the following advantages to users-
Improved User Experience: No need to remember multiple login credentials to access each of the different corporate applications. Users can seamlessly log into multiple apps without entering login credentials again and again for each app.
Reduced Support Calls: As users need just one username and password to access different apps, the number of IT support calls related to lost passwords greatly reduces.
Improved Identity Protection: With SSO, companies can easily strengthen identity, security techniques such as Multi-Factor Authentication (MFA).
Increases Employee and IT Productivity: Employees can access different apps faster and can focus on productive tasks without the need of memorizing unique credentials for multiple logins.
Getting Started with SSO
This service can be subscribed to by visiting our 'Subscriptions' portal.
- After INSZoom Main Menu, click on Setup and then subsequently Subscriptions.
- A new window opens with all the subscription modules.
- Select 'Single Sign-on' in the left menu and toggle the 'Subscribe' switch on the screen to the right to initiate the activation.
- Once this happens, our accounts team will reach out to you to proceed with the SSO setup.
Firm Super admin can follow the steps given below to enable SSO for his/her Firm
Step 1. Create an SSO request on the INSZoom subscription page.
Step 2: Select the Mode of SSO by selecting relevant values for SSO Type. There can be two SSO Types.
SAML 2.0 – Use this option if the identity provider is a third party or any customized web application built for the firm.
ADFS – Use this option if the Identity provider is Active Directory Federation Service.
Step 4: The INSZoom accounts team will receive the request and INSZoom accounts team will reach out to the Firm's Super admin for further actions.
Step 5: INSZoom Accounts team will enable the SSO configuration screen to setup the SSO.
Step 6: Firm will have the configuration section enabled and Super admin can start configuring the details by clicking on the “Complete SSO Configuration” button.
The basic details required for configuration are:
- IDP Login URL, Single Logout URL (optional).
- Certificate for configuration.
- Upload the public certificate of the Identity provider which will be used to sign the SAML request and response.
Once the above form filling is completed download the service provider metadata for setting up the SSO at identity provider end.
Confirm and save the configurations which will notify the INSZoom team for internal setup.
Step 7: INSZoom validates the data updated in the configuration and uses the certificate uploaded by the Firm in the INSZoom application to prepare the environment for testing and notifies the Firm super admin about the setup completion.
Step 8: The firm will get an option to enable the SSO for testing and making the SSO Live for users.
Corporation SSO Setup:
Corporation SSO setup is independent of the Firm SSO setup defined above, i.e. corporation within a firm can use the SSO feature irrespective of whether the Firm is enabled with the SSO or not.
Step 1: Select the Corporation from the drop-down menu and click the 'Add' button.
Step 2: Select Mode of SSO by selecting relevant values for SSO Type
SSO Type
-SAML 2.0 – Use this option if the identity provider is the third party or any customized web application built for the firm.
-ADFS – Use this option if the Identity provider is Active Directory Federation Service.
Step 3: The INSZoom accounts team will receive the request and will reach out to the Firm Super admin for further actions.
Step 4: INSZoom Accounts team will enable the SSO configuration screen to set up the SSO for the corporation and the Firm will get a notification of the subscription.
Step 5: Lawfirm will have the configuration section enabled, and super admin can start configuring the details by clicking on the configure icon highlighted below.
Basic details for configuration:
- IDP Login URL, Single Logout URL (optional).
- Certificate for configuration.
- Upload the public certificate of the Identity provider which will be used to sign the SAML request and response.
Once the above form filling is completed download the service provider metadata for setting up the SSO at the identity provider end.
Confirm and save the configurations which will notify the INSZoom team for internal setup.
Step 6: INSZoom validates the data updated in the configuration and uses the certificate uploaded by the Firm in the INSZoom application to prepare the environment for testing and notifies the Firm about the setup completion.
Step 7: The Firm will get an option to enable the SSO for testing and making the SSO Live for Corporation users.