Logging in with SSO
Instead of signing in with a username and password, you can choose to have your users log into the system with Single sign-on (SSO). This allows your users to use one login method to sign into multiple different systems. For example, you can set up SSO with Google and have your users log into Fireberry using their Google account. In addition to creating an easier way for your users to log in, SSO also increases the security of your account.
To enable SSO in your system, you’ll first need to add the Safeguard security package, which you can do here. After enabling the Safeguard package, all your users will be able to use SSO to log into their individual Fireberry profiles. You can set up SSO through any of the different directories, such as OKTA, Azure AD, Google Directory, etc. Below we’ll go over how to set up SSO in your system, and how to log in with SSO
Setting up your directory
As a first step, select the directory you’d like to use. This directory may ask for the Entity ID. If they do, set this to the following domain: https://app.fireberry.com. Next, you’ll need to set your Assertion Consumer Service (ACS) URL. This URL uses the following structure: https://app.fireberry.com/auth/login/sso/callback/{Organization ID}. You’ll need to replace the {Organization ID} with your system’s specific ID. This ID is the same for all your system users. To access this ID, first go to your Profile, then open the Security tab, and finally open the API Access Token section. Here you’ll find the Organization ID field.
Copy this field and then paste it into the URL above. For example, your final URL may look like this: https://app.fireberry.com/auth/login/sso/callback/RA45WO9X-1739-2091-J0PA-26HWPA26WHA5
You can now enter this URL into your chosen directory. Once you’ve set up both the Entity ID and the ACS URL in your directory, you can set up SSO in Fireberry.
Setting up SSO in Fireberry
To start, go to your settings and open the Security tab. This will automatically open the Login section. You can now select the SSO option. Here there are three different fields which you’ll need to set using values from your directory.
- SAML SSO URL: Here simply set the URL value provided by your directory.
- Identity Provider Issuer: This value changes depending on the directory you’re using. If your directory does not provide a value for this field, set it to https://app.fireberry.com.
- Public Certificate: Here you should exactly copy the certificate provided by your directory. Be sure you haven't added any line breaks, spaces, or anything else, as this will cause issues with the certificate.
After setting all the fields, be sure to click Save to apply your changes. Your users will then be able to use SSO to sign into Fireberry.
Signing in with SSO
Once SSO is set up and activated, there are two different ways which you can use to sign into your system. The first is directly through your provider. For example, if you've set up Google Directory you can sign in directly from your Google account.
The second is through Fireberry. From the login page, which you can find here, click the Login with SSO option. You’ll now be able to enter the email address connected to your SSO provider and then click Login With SSO to log into your account.
Set up the single sign-on (SSO) login method for your system users to create an extra layer of security and allow them to sign in with the same details across multiple platforms.
Course Lessons
Up next
