This article includes the steps for enabling and configuring single sign-on (SSO) settings for Kompyte
Getting Started
Navigate to the Settings section.
If your account has the SSO feature included, you will see an SSO section in the left menu.
Once you navigate to the SSO section you will see the following:
We recommend sharing the IdP parameters with your IT team and temporarily adding them to Kompyte as an Admin so they can configure this section.
Once you upload your metadata XML file, you will see the following:
Now you can obtain your custom login URL as well as some SSO settings:
Only allow login with SSO: once this is activated, your team will only be able to access Kompyte through SSO. Otherwise, your team will be able to access through both SSO and regular login
If it does not exist, create a user with role XYY: this option allows you to add new users as soon as they try to access your Kompyte portal when using your custom login URL
Once you select your preferred option above, the SSO configuration is now complete and your Kompyte users will have a seamless authentication process.
Frequently Asked Questions About SSO
Can SSO be enabled for a test group, or must it be enabled for the entire org?
SSO is enabled for the entire org
What type of user provisioning is supported? SCIM, Just-in-time, etc.?
Just-in-Time
When an account is deprovisioned, are there any data loss or retention considerations?
When a user account is decommissioned and the user is deleted from Kompyte, the information associated with the user is not deleted. Instead, it remains associated to a "deleted user". If the user is created again (provisioned by the Just-in-time creation from the SSO), it won't recover the data associated. Another internal Kompyte user identification is created.
β
In the event that the SSO goes down, is there a backdoor URL we can use to access Kompyte?
Yes, if the account is configured correctly and the "only allow login with SSO" box is NOT checked
