Single sign-on (SSO)

Passworks supports SAML for single sign-on (SSO).

To setup and configure single sign-on access on the Passworks Platform you need be logged in with owner account user, this is the account of the first user that created the Passworks account, that person is considered the owner and his account is the only one that is allowed to setup and configure the SSO permissions (there is only one owner per account).

  1. Select Users & PermissionsSingle Sign-On (SSO) to enabled the SSO for your organization.
    Owner account Please note the "Owner" written on the bottom of the card describing the user role.


  2. From your authentication provider copy: SSO URL and download the certificate and fill the "LDP SSO Target URL" and the "LDP Certificate":
    Owner account Here you can see on the footer of the image that the user is the "Owner", this is the role assigned to the current user.
    Also
    From the Passworks SAML configuration set the "ACS URL" from Passworks on your authentication provider, and provide the also the Passworks "Entity ID".

  3. Passworks uses the Mail attribute, First name attribute, and Last name attribute when authenticating. We've mapped those supported authentication source attributes as follows:
    Attribute Active Directory OpenLDAP SAML IdP Google Azure
    Mail attribute mail mail mail email mail
    First name attribute givenName gn givenName given_name givenName
    Last name attribute sn sn sn family_name surname