Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            How to configure Single Sign-On for Skedler

            Modified on Thu, 2 Feb, 2023 at 4:54 AM

            Introduction


            Single Sign-On (SSO) is a system that allows users to log in to multiple applications or services with a single set of credentials. This eliminates the need for users to remember multiple usernames and passwords, making it more convenient and secure for them to access their various accounts. SSO systems often use centralized authentication services, such as Active Directory or LDAP, to authenticate users and grant them access to the various applications they need to use.


            How it Works?


            With this feature's help, users can now log in to Skedler using an identity provider (such as Google, Okta, Private Active Directory, etc.) without entering their login information again. In order to authenticate users and grant access to the Skedler application, the IdP and Skedler communicate via the OAuth 2.0 protocol.


            Configure SSO for Skedler 


            Step 1- Open the reporting.yml file.


            Step 2- Scroll down to the ssoOAuth section and uncomment to configure the following parameters in reporting.yml


            Note below is the Sample config details with IdP as Okta.


            #   - authType: 'Okta'
            #     icon: 'okta.(svg || png)' // Custom icon for the IDP,  Add your images inside the assets folder Linux: /var/lib/skedler-xg/assets/external  windows:  c:/skedler-xg-system-files/assets/external
            #     issuer: 'https://<tenant-id>.okta.com'
            #     authorizationURL: 'https://<tenant-id>.okta.com/oauth2/v1/authorize'
            #     tokenURL: 'https://<tenant-id>.okta.com/oauth2/v1/token'
            #     userInfoURL: 'https://<tenant-id>.okta.com/oauth2/v1/userinfo'
            #     clientID: 'xxxxxxx'
            #     clientSecret: 'xxxxxxxx'
            #     callbackURL: 'http://hostname:3005/api/1/user/skedler'
            #     scope: 'openid profile'


            Step 3- Restart Skedler to apply the configured changes.


            Note,

            By default callback URL is 'http://hostname:3005/api/1/user/skedler', which should be the same as the sign-in redirect URL


            If you use the reverse proxy using a proxyBasePath, you need to update the callback URL with the proxyBasePath in the reporting.yml | example, http://{domain}/{proxyBasePath}/api/1/user/skedler



            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0