Whatfix Mobile Single Sign On
- 11 Oct 2024
- 2 Minutes To Read
-
Print
-
DarkLight
-
PDF
Whatfix Mobile Single Sign On
- Updated On 11 Oct 2024
- 2 Minutes To Read
-
Print
-
DarkLight
-
PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Whatfix supports login with Single Sign-On (SSO). SSO is an authentication process that enables users to access multiple applications with one set of login credentials.
Your title goes here
To enable SSO for your Whatfix account, contact support@whatfix.com.
How does SSO work in Whatfix?
Click Sign In with SSO on your login screen.
.png?sv=2022-11-02&spr=https&st=2024-11-23T21%3A09%3A35Z&se=2024-11-23T21%3A19%3A35Z&sr=c&sp=r&sig=Z7idJxFdKhabldd6AuUpcU1zRb4GjXp8MY2yFX1Grso%3D "mobile_sso_sign in(3).png")
In the SSO Sign in screen, enter your email address and then click Sign In.
On the Identity Provider screen that opens, enter your authentication information.
Your title goes here
Once you enter the credentials of the Identity Provider, it is verified and you are then redirected to the Whatfix account
Identity Providers supported by Whatfix
An Identity Provider (IdP) is an authority system that holds and verifies the user authentication information. Whatfix interacts with your IdP and trusts the information provided by the IdP to gain access to the application. Whatfix supports the following identity providers:
Okta
PingFederate
Azure Active Directory
Any identity provider compliant with SAML 2.0 works with Whatfix SSO.
Requirements to enable SSO on your account
The following information has to be exchanged with Whatfix.
Information | Detail | Example |
|---|---|---|
The organization provides this information | Enterprise Name* | XYZ corp |
IdP EntityId* | https://app.onelogin.com/saml/metadata/905b5aec-defd-4f7a-a910-dae67c220cbe | |
IdP SSO Service URL* | ||
X509 certificate* |
| |
SAML identity location* (If the NameID is not available, you can provide the attribute element instead) | urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress OR
| |
Whatfix provides this information | Identifier/Audience URI/Entity ID | whatfix |
ACS URL* (US) | https://whatfix.com/saml_auth/?service=samlFromIdp | |
ACS URL* (India) | https://whatfix.com/saml_auth/?service=samlFromIdp | |
ACS URL* (EU Dashboard) | https://eu.whatfix.com/saml_auth/?service=samlFromIdp | |
Sign-on URL* | US: https://leap-eus.whatfix.com/sso-login India: https://leap-in.whatfix.com/sso-login EU: https://leap-eu.whatfix.com/sso-login
| |
Relay state* | Relay State is dynamic and will be different for every organization. Contact your Whatfix representative to get your Relay State. | |
Relay state* (EU Dashboard) | Relay State is dynamic and will be different for every organization. Contact your Whatfix representative to get your Relay State. |
* The value of each detail varies for every organization. For more details, contact support@whatfix.com.
Your title goes here
Logging in via IdP is not supported when you have multiple accounts or ENTs. This is because the Sign-On URL is different for each account, or ENT.
You cannot configure both non-EU and EU Whatfix accounts simultaneously via SSO login since the ACS URL domain is different for non-EU and EU accounts.
Your title goes here
SSO users can't see the Forgot Password option in the admin menu. All password changes need to be performed at the Identity Provider level.
Every time a user clicks Sign In with SSO, they are redirected to their Identity Provider's login page.
Currently, Whatfix does not support SLO (Single Log Out). When a user signs out of a Whatfix account, it does not log them out of the IdP.
The user has to provide configuration parameters for Whatfix to establish an interface with their identity provider.
Was this article helpful?