Settings for Single Sign-on (SAML 2.0)

SAML (Security Assertion Markup Language) is a standard for secure login authentication through a trusted identity provider. With SAML, a user can log in to Questetra BPM Suite with the ID and password managed by the SAML server (the ID Provider). To build a Single Sign-On (SSO) environment, configuration is needed on both sides: the ID Provider's information in Questetra BPM Suite, and Questetra BPM Suite's information in the ID Provider.

Prerequisite for SSO Configuration with SAML 2.0

The single sign-on feature in Questetra BPM Suite has the following limitations. Interconnection is possible only with an ID Provider that meets these conditions.

  • SAML 2.0
  • Login initiated from the ID Provider side (IdP-initiated login) is not supported.
  • Only the POST method is supported for login initiated from the Service Provider (Questetra BPM Suite).
  • The email address is used as the user ID.


Setting SSO in Questetra BPM Suite

To configure Questetra BPM Suite, open [System Setting] and then [Single Sign-on].

When you check [Enable Single Sign-on], fields for the following four items appear. Be sure to enter the correct values obtained from the ID Provider.

  • Entity ID: the Entity ID that identifies the ID Provider
  • Verification certificate: the ID Provider's certificate, used to verify responses from the ID Provider
    • Paste only the base64 body: exclude both the beginning line (-----BEGIN CERTIFICATE-----) and the ending line (-----END CERTIFICATE-----).
  • Sign-in page URL: the endpoint URL used to log in with the POST method

"Logout page URL" is not required. It is the endpoint URL for single logout; set it if the IdP supports it.
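As an added illustration (not code from Questetra or the page), a small Python helper that prepares and sanity-checks the values entered on this screen: it strips the BEGIN/END lines from the IdP certificate as required above, confirms the remainder decodes to a DER structure, and flags an empty Entity ID or an endpoint URL that is not absolute https. The function names and all sample values are constructed for this example.

```python
import base64
import binascii
import textwrap
from urllib.parse import urlparse

PEM_BEGIN = "-----BEGIN CERTIFICATE-----"
PEM_END = "-----END CERTIFICATE-----"


def pem_to_config_value(pem: str) -> str:
    """Return the PEM body (BEGIN/END lines removed) for the [Verification certificate] field."""
    lines = [ln.strip() for ln in pem.strip().splitlines()]
    if len(lines) < 3 or lines[0] != PEM_BEGIN or lines[-1] != PEM_END:
        raise ValueError("expected a PEM block delimited by BEGIN/END CERTIFICATE lines")
    body = "".join(lines[1:-1])
    try:
        der = base64.b64decode(body, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"certificate body is not valid base64: {exc}") from exc
    # A DER-encoded X.509 certificate is an ASN.1 SEQUENCE, whose tag byte is 0x30.
    if not der or der[0] != 0x30:
        raise ValueError("decoded bytes do not start with an ASN.1 SEQUENCE")
    return body


def check_sso_settings(entity_id: str, cert_value: str, signin_url: str,
                       logout_url: str = "") -> list:
    """List problems with the values about to be entered; empty means OK. Logout URL is optional."""
    problems = []
    if not entity_id.strip():
        problems.append("Entity ID is empty")
    if PEM_BEGIN in cert_value or PEM_END in cert_value:
        problems.append("Verification certificate still contains BEGIN/END lines")
    for label, url, required in (("Sign-in page URL", signin_url, True),
                                 ("Logout page URL", logout_url, False)):
        if not url:
            if required:
                problems.append(f"{label} is empty")
            continue
        parsed = urlparse(url)
        if parsed.scheme != "https" or not parsed.netloc:
            problems.append(f"{label} must be an absolute https URL")
    return problems


# Constructed sample input (not a real certificate): DER-like bytes wrapped into
# a PEM block the way an IdP would export it.
SAMPLE_DER = b"\x30\x82\x01\x00" + b"\x00" * 60
SAMPLE_PEM = "\n".join(
    [PEM_BEGIN] + textwrap.wrap(base64.b64encode(SAMPLE_DER).decode(), 64) + [PEM_END])
```

Run `check_sso_settings` on the values before pasting them into the screen; an empty list means the three required fields look sane.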

Disable Password Authentication

This setting prohibits password login to Questetra BPM Suite while Single Sign-on is enabled. Even when password login is disabled, system administrators (users with system administrator authority) can still log in with their passwords.


Setting SSO in ID Provider

Configuration is also needed in the ID Provider. The "Entity ID" and "ACS URL" may be required there. Both are shown under [SP Information] on the Single Sign-on setting screen; set those values in the ID Provider. (The *********** part depends on the account.)

  • Entity ID: https://s.questetra.net/*******/
  • ACS URL: https://s.questetra.net/********/saml/SSO/alias/questetra


Login Screen

After configuring Questetra BPM Suite, "Login using Single Sign-on" is displayed on the login screen. If everything has been set correctly, clicking the 'Login' button shows the ID Provider's login screen. After authentication there, the screen returns to Questetra BPM Suite in the logged-in state.
