Skip to main content

Single Sign-on (SSO)

Mike
  • Updated

Vista Social provides SAML 2.0 Single Sign-on (SSO) functionality for customers on both web and mobile platforms. This SSO capability allows employees to access multiple applications using one managed set of login credentials (such as username and password).


Vista Social's Support and Engineering departments are unable to offer personalized consultation about SSO configuration or provide one-on-one answers to SSO questions. Instead, please work with your organization's IT teams or your IDP provider for assistance with SSO setup and any related inquiries.

 

Benefits of SSO

The primary advantage of implementing SSO is enhanced account security. When an employee's permissions, access privileges, or employment status changes, network administrators can efficiently disable all associated accounts with minimal effort. Furthermore, SSO delivers a smoother login experience by eliminating the need for employees to remember or manage multiple passwords.

 

Supported SSO Providers

Single Sign-on for Vista Social is directly supported by the following IdPs:

  • OneLogin
  • Google
  • Okta
  • Azure AD

Vista Social supports SAML (Security Assertion Markup Language) 2.0 for SSO, meaning that even if your Identity Provider isn't specifically mentioned, compatibility should still be possible as long as your IdP offers SAML 2.0 support.

 

Technical Specifications

 

Work with your IT/Security teams to gather the necessary technical information for planning Vista Social's custom SSO integration. Here is some technical information your IT team might need to begin the process:

  • Vista Social supports both IdP and SP initiated SSO through SAML 2.0
  • Vista Social AuthnRequests contain an Issuer value/Entity ID unique to each email domain. 
  • Vista Social's Assertion Consumer Service (ASC) URL is available in maniifest xml that will be provided by our team.
  • Vista Social requires IdPs to use emailAddress as their Response's Subject's Name.
  • When using unspecified NameID, an emailAddress attribute must also be provided
  • Vista Social uses HTTP REDIRECT or POST bindings
  • Vista Social requires you to provide a signing certificate

 

Setup process

  • Contact support team to request your manifest file.
  • Once you are done configuring your IDp you will send your SAML Identity Provider Metadata file along with certificate to the support team.
  • Our team will then configure your SSO.

 

Important notes

  • Once SSO is configured for a domain
    • Your users will have to login using SSO. Email/password login option will not work for them.
    • Your users won't be able to reset their Vista Social password.
    • Your users won't be able to configure 2 factor authentication in their Vista Social accounts.
  • If you need to enable SSO for multiple domains, let your account manager know as the SSO add-on can be customized to fit your needs.

 

 

 

 

 

Related articles