Single Sign-On (SSO) Support

Owned by Anh Arsenault
Last updated: May 22, 2024 by Thai Nguyen
2 min read

Open Kitchen supports SAML Single Sign-On (SSO) authentication that allows a user to log in Open Kitchen with a single credential that is shared with the user’s Organization.

 

  1. We will provide you our metadata:

    • EntityID (Mostly ok.sitesage.net)

    • Reply URL (Aka: ACS URL)

  2. You will need to provide us your metadata:

In most case, you just need to provide us an URL to download your metadata.

If that is not the case, then please provide:

  • Identity Provider (IDP) EntityID

    • Ex: https://sts.windows.net/56eed132-9f22-4ed9-nnnnnn/

    • If you provide us the ‘App Federation Metadata Url’ as shown in the image below, we will extract the EntityID from there.

  • Identity Provider Username Claim Type URI

    • Ex: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

  • Your choice to have all your users use SSO or a mix of some users use SSO and some users still log in using username/password.

An example of Azure Entra ID (formerly AzureAD)

 

After Step 1 & 2 completed, in Open Kitchen via ADMIN > Users> Add User, a user can be created within this SSO Customer Account with the option to check for SSO if the Account has Mixed SSO users

image-20240521-015952.png

  1. In Open Kitchen, ADMIN > Account > Security tab displays Single-Sign-On Information. We currently do not allow Open Kitchen Admin users to edit this.