Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

You can link your PeopleLog system, or our Payslip Portal, with your Microsoft Active Directory system so that your users will not need a separate username and password.  You can then put a link on your Intranet that will take your employees directly into the system.  This provides a better experience for your employees.

...

In the next page, enter a name (e.g. RSM) and enter one of the following into the Rediect Redirect URL box

Click the Register button and you will see a screen similar to the one shown below.

...

Add an email claim (Payslip Portal only if not using openid+email scope):

  • Under Manage, select Token configuration.

  • Select Add optional claim, select the ID token type, select email from the list of claims, and then select Add.

...

You now have all the information you need for us to configure your single sign-on.  Please provide the following details to your support team.

  • The OpenID Connect Configuration URL
  • The Client ID
  • The Client Secret
  • Optionally, your public key

Once our support team have received these details, they will perform the configuration and invite you to test your access. 


InTIME

In InTIME an administrator can configure this themselves, using the process below.

  1. Navigate to Administration(Cog)→Security Settings Menu
  2. Add the "OpenID Connect metadata document" (collected above) to the "Metadata URL" field and click the "Load Configuration" button
  3. Add "code" to the "Response Type" field.
  4. Add "openid email" to the "Requested Scopes" field.
  5. Add the "Client ID" (collected above) to the "Client ID" field.
  6. Add the "Client Secret" (collected above) to the "Client Secret" field.
  7. Click "Save" at the bottom.
  8. Optionally you can "Require Single-Sign-On Authentication for user types" to require SSO for ALL user of a specific type OR you can enable it individually by the "Requires SSO" tick box on the user. Remember you can ONLY do SSO for users who are in your Azure.
  9. On the login page put the email in the first page and when you click OK it should connect to your Azure for authentication.
  10. On the Login page add you email to the