Skip to main content
Mitratech Success Center

INSZoom - How to setup Single Sign-On (SSO)

How to setup Single Sign-On (SSO)?

This article explains how to enable and implement SSO for your firm.

 

Introduction

With so many applications being used, it's difficult for a firm or a corporation to do user management across all applications as well as it is difficult for a user to remember access credentials across all applications. Single Sign-On helps in providing a unified authentication mechanism for access management.

With data security and privacy becoming increasingly important, it is important that only the trusted user has access to his/her data. Single Sign-on brings in that trust factor.

For a Lawfirm working with multiple corporations, it's hard to do user management for corp users and their employees. Single Sign-On can help leverage the corporation’s network authentication to connect to INSZoom and help ease user management.

What is SSO?

Single Sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (for example, username and password) to access multiple applications. The service authenticates the end user for all the applications the user has been given rights to and eliminates further prompts when the user switches applications during the same session. For INSZoom, Single Sign-On (SSO) lets users access the INSZoom application and other applications with a single set of login credentials (example, username and password). This allows validating the usernames and the passwords with the firm’s database or other Corporate apps managing the user authentication.

INSZoom supports SAML 2.0 and ADFS (with SAML 2.0) as Single Sign-On methods that can be configured on firm’s internal site. This allows Lawfirms/Corporations to securely pass authenticated users along to INSZoom application for safe single sign-on entry verification and seamlessly integrate application handoff.

What does it offer?

It offers the following advantages to users-

-Improved User Experience- No need to remember multiple login credentials to access each of the different corporate applications. Users can seamlessly log into multiple apps without entering login credentials again and again for each app.

 

-Reduced Support Calls- As users need just one username and password to access different apps, the number of IT support calls related to lost passwords greatly reduces.

 

-Improved Identity Protection- With SSO, companies can easily strengthen identity security with techniques such as Multi-Factor Authentication (MFA).

-Increases Employee and IT Productivity- Employees can access different apps faster and can focus on productive tasks without the need of memorizing unique credentials for multiple logins.

Getting Started with SSO

This service can be subscribed to by visiting our 'Subscriptions' portal. In INSZoom Main Menu click on Setup and then subsequently Subscriptions. A new window opens with all the subscription modules. Select 'Single Sign-on' in the left menu and toggle the 'Subscribe' switch on the screen to the right to initiate the activation. Once this happens, our accounts team will reach out to you to proceed in the SSO setup.

Firm Super admin can follow the steps given below to enable SSO for hiss/her Firm-

Step 1. Create a SSO request in the INSZoom subscription page.

Step 2: Select Mode of SSO by selecting relevant values for SSO Type and Request Type

There can be two SSO Types-

-SAML 2.0 – Use this option if identity provider is third parties like one-login, azure services, Office 365, Okta or any customized web applications built for the firm.

-ADFS – Use this option if Identity provider is Active Directory Federation Service.

Request Type

-Identity Provider (IDP) initiated: Sign on request originates from the firm's internal site.

-Service Provider (SP) initiated: INSZoom will generate a unique URL which can be used to start the sign on request. INSZoom will send a request to the firm to check the authenticity of the user. Upon successful authentication, a SAML response is expected from the IDP which will allow the user to enter INSZoom application.

Step 4: INSZoom accounts team will receive the request and INSZoom accounts team will reach out to Firm's Super admin for further actions.

Step 5: INSZoom Accounts team will enable the SSO configuration screen to setup the SSO.

Step 6: Firm will have the configuration section enabled and Super admin can start configuring the details by clicking on the “Complete SSO Configuration” button.

Basic details required for configuration are:

IDP Login URL, SAML Attribute Tag Name, SAML Signature Tag Name, Single Logout URL (optional).

Certificate for configuration:

Upload the public certificate of the Identity provider which will be used to sign the SAML request and response.

If the Request type of the SSO is Service provider-initiated end user should have the uniquely generated URL as shown in the image below to login to INSZoom application.

Once the above form filling is completed download the service provider metadata for setting up the SSO at identity provider end. This metadata contains INSZoom public key certificate which must be installed in the Identity provider machine.

Confirm and save the configurations which will notify the INSZoom team for internal setup.

 

Step 7: INSZoom validates the data updated in the configuration and uses the certificate uploaded by the Firm in the INSZoom application to prepare the environment for testing and notifies the Firm super admin about the setup completion.

Step 8: Firm will get option to enable the SSO for testing and making the SSO Live for users.

Corporation SSO Setup:

Corporation SSO setup is independent of the Firm SSO setup defined above i.e corporation within a firm can use the SSO feature irrespective of whether the Firm is enabled with the SSO or not.

Step 1: Select the Corporation from the dropdown menu and click on ADD button.

Step 2: Select Mode of SSO by selecting relevant values for SSO Type and Request Type

SSO Type

-SAML 2.0 – Use this option if identity provider is third parties like one-login, azure services, Office 365, okta or any customized web applications build for the firm.

-ADFS – Use this option if Identity provider is Active Directory Federation Service.

Request Type

-Identity Provider (IDP) initiated: Sign on request originates from the corporation internal site.

-Service Provider (SP) initiated: INSZoom will generate a unique URL which can be used to start the sign on request. In this scenario upon successful setup of SSO INSZoom will send a request to corporation to check the authenticity of the user, upon successful authentication a SAML response is expected from the IDP which will allow the user to INSZoom application.

Step 3: INSZoom accounts team will receive the request and will reach out to Firm Super admin for further actions.

Step 4: INSZoom Accounts team will enable the SSO configuration screen to setup the SSO for corporation and the Firm will get notification of the subscription.

Step 5:  Lawfirm will have the configuration section enabled and super admin can start configuring the details by clicking on the configure icon highlighted below.

Basic details for configuration:

IDP Login URL, SAML Attribute Tag Name, SAML Signature Tag Name, Single Logout URL (optional).

 

Certificate for configuration:

Upload the public certificate of the Identity provider which will be used to sign the SAML request and response.

Once the above form filling is completed download the service provider metadata for setting up the SSO at identity provider end, this metadata contains INSZoom public key certificate which must be installed in the Identity provider machine.

Confirm and save the configurations which will notify INSZoom team for internal setup.

If the Request type of the SSO is Service provider-initiated end user should have the below uniquely generated URL to login to INSZoom application.

Step 6: INSZoom validates the data updated in the configuration and uses the certificate uploaded by the Firm in the INSZoom application to prepare the environment for testing and notifies the Firm about the setup completion.

Step 7: Firm will get option to enable the SSO for testing and making the SSO Live for Corporation users.

  • Was this article helpful?