Can I set up Single Sign On (SSO) with my Identity Provider?

If your organization works with an Identity Provider to help with offering secure login to your employees or members, then the term Single Sign On, or SSO, will be familiar to you. This allows attendees to seamlessly sign into a series of solutions using a single set of credentials. 

Creating a seamless login experience to your Event Space is also possible using SSO with your preferred Identity Provider.

How Do I Set Up SSO For My Event?

Your identity provider can be connected to your Event Space by visiting the SSO Connection area of your Organization. Here, your team will have access to connect any Identity Provider that supports SAML 2.0 or OpenID. For SAML Identity Providers, you will also need to provide the Metadata Document Endpoint URL. 

It is important to note: OAuth is not supported as a method for SSO authorization. However, OpenID Connect (sometimes called OpenID) is an extension of OAuth that performs the Single Sign On authorization and is supported.

This information will need to be captured directly from the identity provider solution, and will likely require the assistance of your IT team who is familiar with where to access this information. 

Note: Your IT team will be required to set up your event's SSO successfully. 

Screen Shot 2022-03-09 at 8.34.15 AM

Important Steps to Setting Up Azure

If you are using Azure as your SSO solution, you will want to be aware of a few steps that will differ slightly in the set up process. 

When mapping email, first and last name (i.e, Okra, OneLogin, Google, Azure, etc.), it is a mandatory step to specify the attribute of the value in the Identity Provider first.

In most cases, you will need to put the attribute(value) instead of the Claim name in EventMobi's UI to ensure the mapping is current, however, with Azure specially you will need to use the Claim name. 

Which Identity Providers Will Work?

EventMobi's Single Sign On feature will work with all Identity Providers that use SAML 2.0 and OpenID.

It is, however, important to note that SSO does not support Social Sign-On. This means that attendees will not be permitted to login using social media credentials, or a personal Google account. 

Okta Yes
Google SAML Yes
Azure Yes
JumpCloud Yes
OneLogin Yes
PingOne Yes
vmware Yes
Auth0 Yes
Personal Google Account No
Facebook No
Instagram No
LinkedIn No

How Will Attendees Access the Event Space with SSO?

When attendees access an Event Space that has SSO enabled, they will see a 'Login using Single Sign-On' option in addition to the standard 'Email' field on the login page. 

Screen Shot 2022-01-27 at 9.17.13 AM

After selecting the SSO option on the login screen, attendees will be directed to the Identity Provider you have connected with the SSO for your Event Space. One the page that loads, attendees will simply need to input their username and password and then select their account to confirm and proceed with the login process. 

Screen Shot 2022-01-27 at 9.24.49 AM

Depending on the security settings you have enabled for your Event Space, the user will be directed to one of the following next steps: 

#1: The attendee will be admitted to your Event Space

This step will occur if the person who has logged in is listed within the People library of your Experience Manager, and can be confirmed as authorized to access your Event Information. This step will also apply if your security settings allow for anyone to log into the Event Space. 

Note that if you have added Privacy & Terms to your Event Space, that the Terms of Use will need to be accepted prior to accessing the Event Space.

Screen Shot 2022-01-27 at 9.25.54 AM

#2: The attendee will be advised that they are not permitted to access the event.

This message will appear if the person who has logged in is not in the People library of your Experience Manager, and your security settings are restricting access only to these profiles. 

In order to permit the attendee access to the event you will want to make sure that you have the correct email address added to their People profile, or you will need to create a People profile for them before they can login. 

Screen Shot 2022-01-27 at 9.34.20 AM

Can We Enable Social Login?

Single Sign-On (SSO) will require you to use an Identity Provider solution in order to permit attendees access to the Event Space. Social Login through sites such as Google, Facebook or LinkedIn are not currently supported.

Can We Perform a Directory Sync from our Identity Provider?

Single Sign-On (SSO) does not currently support Directory Sync, meaning the people added to your Identity Provider cannot be synced over to the People list of the Experience Manager. If you have enabled security settings to ensure only specific people can access your event, you will also need to create a People profile for them prior to launching the Event Space.