This guide walks you through how to assign single sign on (SSO) for a client and enter their authentication details. This works in the same way as SSO for the payslip portal.
...
What information does RSM need? Anchor What information does RSM need? What information does RSM need?
| What information does RSM need? | |
| What information does RSM need? |
- The OpenID Connect Configuration URL
- The Client ID
- The Client Secret
- Optionally, your public key
What authentication methods are supported?Anchor What authentication methods are supported? What authentication methods are supported?
| What authentication methods are supported? | |
| What authentication methods are supported? |
...
Enable SSO - Once this is checked, all client portal users with a matching email suffix will be able to login by SSO. Please note: If this is checked (even if other details are left blank) employees will have a client portal user created using their email address against their record.
Validate issuer - This may be checked if the company wished to validate the issuer. They will need to configure their authentication to provide an issuer matching the issuer.
...
Unable to get claims. Ask client to add a claim named UserID to return the users email address.
First try checking Validate Issuer. The claims returned are affected by this setting.
User can't login by SSO
If a user is unable to login by SSO once enabled, first:
...