Links

Configure SSO Settings

Configure general information about an SSO Settings.

Package and Permission Required

The Auth package must be installed.
Furthermore, your user account or group membership must have the "Settings: Update Settings" permission to edit SSO settings unless your user account has the Make this user a Super Admin setting selected.
See the Settings permissions or ask your Administrator for assistance.

Configure SSO Settings

Notice to ProcessMaker Administrators

Enhance ProcessMaker security for your ProcessMaker instance by following these best practices. Among these best practices are to require all ProcessMaker users to log on to your ProcessMaker instance via Single Sign-On (SSO), OAuth, OKTA and/or two-factor authentication.
Configure the following SSO settings as necessary:

Enable Standard Login

Enable standard login. Otherwise, log on through SSO IdPs.
Follow these steps to enable standard login:
  1. 1.
    ​View your SSO settings. The SSO tab displays.
  2. 2.
    Enable the Allow Standard Login toggle key. The following message displays: The setting was updated.

Enable Automatic Registration

Enable whether SSO users should automatically register the first time that they log on.
Follow these steps to enable automatic registration:
  1. 1.
    ​View your SSO settings. The SSO tab displays.
  2. 2.
    Enable the Automatic Registration toggle key. The following message displays: The setting was updated.

Enable Permissions for SSO Users

Change which permissions from each permission category to assign users created through SSO.
Follow these steps to enable permissions for SSO users:
  1. 1.
    ​View your SSO settings. The SSO tab displays.
  2. 2.
    Click the Edit icon
    for the New User Default Config setting. The New User Default Config screen with the Permissions tab displays.
  3. 3.
    Select a collapsed permission category to expand the view of individual permissions within that category. Otherwise, select an expanded permission category to collapse that category.
  4. 4.
    Enable permissions as necessary. See Permission Descriptions for Users and Groups for descriptions.
  5. 5.
    Click Save. The following message displays: The setting was updated.

Enable Groups for SSO Users

Change which groups to assign users created through SSO.
  1. 1.
    View your SSO settings. The SSO tab displays.
  2. 2.
    Click the Edit icon
    for the New User Default Config setting. The New User Default Config screen with the Permissions tab displays.
  3. 3.
    Click the Groups tab. All available groups display.
  4. 4.
    Enable groups as necessary.
  5. 5.
    Click Save. The following message displays: The setting was updated.

Copy Permissions and Groups for SSO Users

Copy to clipboard a JSON format of all permissions and groups.
Follow these steps to copy the permissions and groups for SSO users:
  1. 1.
    ​View your SSO settings. The SSO tab displays.
  2. 2.
    Click the Copy to Clipboard icon
    for the New User Default Config setting. The following message displays: The setting was copied to your clipboard.

Enable Debug Mode

Select whether detailed SSO errors should be displayed. It is recommended to disable the debug mode in production servers.
Follow these steps to enable automatic registration:
  1. 1.
    ​View your SSO settings. The SSO tab displays.
  2. 2.
    Switch on the Debug Mode toggle key. The following message displays: The setting was updated.

Enable SSO Identity Providers

Select whether to enable single sign-on via SSO identity providers to log on as necessary. The SSO identity provider options display on the log on screen.
  1. 1.
    View your SSO settings. The SSO tab displays.
  2. 2.
    Enable any of the following SSO identity providers as necessary:
    The following message displays: The setting was updated.