Contact Support


    Single Sign On

    Setup Single Sign On in RMS.

    Decision Tree


    Single Sign On (SSO) allows users to access multiple applications using a single login with an Identity Provider.

    • Information
    • Setup
    • Add Button

    Information

    Single Sign On (SSO) centralises user authentication to a single Identity Provider (IdP) that can provide access to multiple configured applications.

    Activating SSO in RMS will require users to be authenticated by the Identity Provider to access RMS.



    RMS must be setup in the Indentity Provider prior to activating SSO in RMS.

    Activating SSO in RMS without completing the neccessary setup in the IdP will lock all users out of RMS.



    • Setup
    • Add Button

    Setup

    The following setup will need to be completed by the IT Administrator and RMS System Administrator.

    • Step 1 - Add RMS in the IdP
    • Add Button

    Step 1 - Add RMS in the IdP

    This step is performed outside of RMS and should be completed by the IT Administrator.

    Add RMS as a SAML Application or Endpoint with the Identity Provider (IdP) using the below information.

    RMS Entity ID: https://app.rmscloud.com
    RMS Digital Registration Card Entity ID: https://regocard.rmscloud.com/
    Assertion URL: https://[environment][appname][datacentre#].rmscloud.com/SAML/Assertion
    Login URL: https://[environment][appname][datacentre#].rmscloud.com/sso/[RMSclientID#]
    RMS URL Example: https://app2.rmscloud.com



    The complete property specific URL can be obtained by logging into RMS using an Internet Browser and copying the URL after successful login.



    IT Administrators should consult the documentation of their Identity Provider for further assistance with this step.



    Complete the following before continuing.

    • Step 2 - Setup SSO in RMS
    • Add Button

    Step 2 - Setup SSO in RMS

    After RMS has been added to the Identity Provider, SSO can be activated in RMS.

    Selecting the SSO Username Type as 'Federation ID' will require a Federation ID to be setup on all RMS Users before continuing.



    SSO cannot be trialled independently in the RMS Training Database.

    Use the 'Test Login' or 'Test Application' feature within the IdP to ensure RMS has been added correctly prior to activating SSO in RMS.



    • Setup
    • Add Button

    Setup

    Have your System Administrator complete the following.

    1. Go to Setup > Security in RMS.
    2. Navigate to the 'SSO' tab.
    3. Select the checkbox 'SSO Enabled'.
    4. Enter the Issuer.
    5. Upload the IdP Issuer Certificate.
    6. Enter the Login URL.
    7. Enter the Logout URL.
    8. Select the SSO Username Type.
    9. Select the SSO Username Location.
    10. Optional: Enter the Name ID Format.
    11. Select 'Save'.



    Users will be locked out of RMS if the appropriate setup and testing has not been completed in the IdP before saving.



    IdP Issuer Certificates will be in the file format of .txt .cer or .pfx.

    Selecting the SSO Username Type as 'Federation ID' requires a Federation ID to be setup on all RMS users before continuing.

    Selecting the SSO Username Location as 'Attribute Element' requires an Attribute Name to be specified.



    • Guide
    • Finish
    • Add Button

    Guide

    Go to Setup > Security in RMS.

    Navigate to the 'SSO' tab.

    Select the checkbox 'SSO Enabled'.

    Enter the Issuer.

    Upload the IdP Issuer Certificate.

    Enter the Login URL.

    Enter the Logout URL.

    Select the SSO Username Type.

    Select the SSO Username Location.

    Optional: Enter the Name ID Format.

    Select 'Save' to activate SSO in RMS and store the changes made.


    Users will be locked out of RMS if the appropriate setup and testing has not been completed in the IdP before saving.



    • Finish
    • Add Button

    Finish

    SSO is now active in RMS.

    Users will need to be logged in and authenticated with the Identity Provider to gain access to RMS.



    Use the below URL in the Internet Browser to access the RMS Training Database when SSO is active in RMS.

    Replace [RMSClientID#] in the below URL with the property's RMS Client ID.

    https://app.rmscloud.com/sso/[RMSclientID#]/training



    Finish

    SSO is now active in RMS.

    Users will need to be logged in and authenticated with the Identity Provider to gain access to RMS.



    Use the below URL in the Internet Browser to access the RMS Training Database when SSO is active in RMS.

    Replace [RMSClientID#] in the below URL with the property's RMS Client ID.

    https://app.rmscloud.com/sso/[RMSclientID#]/training



    Setup

    The following setup will need to be completed by the IT Administrator and RMS System Administrator.

    • Step 1 - Add RMS in the IdP
    • Add Button

    Step 1 - Add RMS in the IdP

    This step is performed outside of RMS and should be completed by the IT Administrator.

    Add RMS as a SAML Application or Endpoint with the Identity Provider (IdP) using the below information.

    RMS Entity ID: https://app.rmscloud.com
    RMS Digital Registration Card Entity ID: https://regocard.rmscloud.com/
    Assertion URL: https://[environment][appname][datacentre#].rmscloud.com/SAML/Assertion
    Login URL: https://[environment][appname][datacentre#].rmscloud.com/sso/[RMSclientID#]
    RMS URL Example: https://app2.rmscloud.com



    The complete property specific URL can be obtained by logging into RMS using an Internet Browser and copying the URL after successful login.



    IT Administrators should consult the documentation of their Identity Provider for further assistance with this step.



    Complete the following before continuing.

    • Step 2 - Setup SSO in RMS
    • Add Button

    Step 2 - Setup SSO in RMS

    After RMS has been added to the Identity Provider, SSO can be activated in RMS.

    Selecting the SSO Username Type as 'Federation ID' will require a Federation ID to be setup on all RMS Users before continuing.



    SSO cannot be trialled independently in the RMS Training Database.

    Use the 'Test Login' or 'Test Application' feature within the IdP to ensure RMS has been added correctly prior to activating SSO in RMS.



    • Setup
    • Add Button

    Setup

    Have your System Administrator complete the following.

    1. Go to Setup > Security in RMS.
    2. Navigate to the 'SSO' tab.
    3. Select the checkbox 'SSO Enabled'.
    4. Enter the Issuer.
    5. Upload the IdP Issuer Certificate.
    6. Enter the Login URL.
    7. Enter the Logout URL.
    8. Select the SSO Username Type.
    9. Select the SSO Username Location.
    10. Optional: Enter the Name ID Format.
    11. Select 'Save'.



    Users will be locked out of RMS if the appropriate setup and testing has not been completed in the IdP before saving.



    IdP Issuer Certificates will be in the file format of .txt .cer or .pfx.

    Selecting the SSO Username Type as 'Federation ID' requires a Federation ID to be setup on all RMS users before continuing.

    Selecting the SSO Username Location as 'Attribute Element' requires an Attribute Name to be specified.



    • Guide
    • Finish
    • Add Button

    Guide

    Go to Setup > Security in RMS.

    Navigate to the 'SSO' tab.

    Select the checkbox 'SSO Enabled'.

    Enter the Issuer.

    Upload the IdP Issuer Certificate.

    Enter the Login URL.

    Enter the Logout URL.

    Select the SSO Username Type.

    Select the SSO Username Location.

    Optional: Enter the Name ID Format.

    Select 'Save' to activate SSO in RMS and store the changes made.



    Users will be locked out of RMS if the appropriate setup and testing has not been completed in the IdP before saving.



    • Finish
    • Add Button

    Finish

    SSO is now active in RMS.

    Users will need to be logged in and authenticated with the Identity Provider to gain access to RMS.



    Use the below URL in the Internet Browser to access the RMS Training Database when SSO is active in RMS.

    Replace [RMSClientID#] in the below URL with the property's RMS Client ID.

    https://app.rmscloud.com/sso/[RMSclientID#]/training



    Finish

    SSO is now active in RMS.

    Users will need to be logged in and authenticated with the Identity Provider to gain access to RMS.



    Use the below URL in the Internet Browser to access the RMS Training Database when SSO is active in RMS.

    Replace [RMSClientID#] in the below URL with the property's RMS Client ID.

    https://app.rmscloud.com/sso/[RMSclientID#]/training





    Was this article helpful?

    Send Feedback

    Can’t find what you’re looking for?

    Contact Support