Knowledge Base Article

Aurora: Configure SSO settings for the community

Before you can use SSO with your community, you need to configure settings and enable the option. 

Note: As soon as you turn on the Use Khoros single sign-on (SSO) option, all the settings in the Single Sign-On area become active in the community.

To configure SSO settings and enable SSO:

  1. Go to System > Account & Privacy.
  2. Scroll down to the Single Sign-On (SSO) section. 
  3. Manage the following options:
    • Allow member to change their SSO email address: Enable members using SSO to change the email associated with their account. This should be enabled only if the email address is collected on the Community SSO Registration screen.
    • Use auto sign-in for fallback SSOWhen Khoros SSO token-based sign-in fails, auto sign-in is used instead.
  4. Enter the following SSO URLs:
    • Registration page: Direct users to this URL when they register.
    • Sign-in page: Direct members to this URL when they sign in.
    • Sign-out page: Direct members to this URL when they sign out.
    • Bounce URL(Optional) URL where the first request of a session is redirected. Can help to enable seamless Community authentication or "Bounce SSO". Leave blank to disable.
  5. Enter the Return value parameter name. By default, the Aurora Community application appends a query string parameter named referer (spelled as shown) and a value corresponding to the URL of the page the member was browsing prior to being redirected to the login or registration page. If your authentication system is already configured to use a parameter like “referer,” you can change “referer” to the name of that parameter. Otherwise, leave the parameter name as “referer.” 
  6. Turn on Use Khoros single sign-on (SSO) to make these settings active in the community.

URL formats

SAML (REDIRECT BINDING)
Sign-in URL:

<Aurora url>/t5/s/<communityID>/auth/saml/doauth/redirect

Sign-out URL:

<Aurora url>/t5/s/<communityID>/auth/saml/dologout/redirect

SAML (POST BINDING)
Sign-in URL:

<Aurora url>/t5/s/<communityID>/auth/saml/doauth/post

Sign-out URL:

<Aurora url>/t5/s/<communityID>/auth/saml/dologout/post

OIDC SSO
Sign-in URL:

<Aurora url>/t5/s/<communityID>/v1/auth/oidcss/sso_login_redirect/provider/<providerID>

Sign-out URL:

<Aurora url>/t5/s/<communityID>/v1/auth/oidcss/sso_logout_redirect/provider/<providerID>

Related topics:

Updated 5 months ago
Version 9.0
No CommentsBe the first to comment