Aurora: Configure SSO settings for the community
Before you can use SSO with your community, you need to configure settings and enable the option.
Note: As soon as you turn on the Use Khoros single sign-on (SSO) option, all the settings in the Single Sign-On area become active in the community.
To configure SSO settings and enable SSO:
- Go to System > Account & Privacy.
- Scroll down to the Single Sign-On (SSO) section.
- Manage the following options:
- Allow member to change their SSO email address: Enable members using SSO to change the email associated with their account. This should be enabled only if the email address is collected on the Community SSO Registration screen.
- Use auto sign-in for fallback SSO: When Khoros SSO token-based sign-in fails, auto sign-in is used instead.
- Enter the following SSO URLs:
- Registration page: Direct users to this URL when they register.
- Sign-in page: Direct members to this URL when they sign in.
- Sign-out page: Direct members to this URL when they sign out.
- Bounce URL: (Optional) URL where the first request of a session is redirected. Can help to enable seamless Community authentication or "Bounce SSO". Leave blank to disable.
- Enter the Return value parameter name. By default, the Aurora Community application appends a query string parameter named referer (spelled as shown) and a value corresponding to the URL of the page the member was browsing prior to being redirected to the login or registration page. If your authentication system is already configured to use a parameter like “referer,” you can change “referer” to the name of that parameter. Otherwise, leave the parameter name as “referer.”
- Turn on Use Khoros single sign-on (SSO) to make these settings active in the community.
URL formats
SAML (REDIRECT BINDING)
Sign-in URL:
<Aurora url>/t5/s/<communityID>/auth/saml/doauth/redirect
Sign-out URL:
<Aurora url>/t5/s/<communityID>/auth/saml/dologout/redirect
SAML (POST BINDING)
Sign-in URL:
<Aurora url>/t5/s/<communityID>/auth/saml/doauth/post
Sign-out URL:
<Aurora url>/t5/s/<communityID>/auth/saml/dologout/post
OIDC SSO
Sign-in URL:
<Aurora url>/t5/s/<communityID>/v1/auth/oidcss/sso_login_redirect/provider/<providerID>
Sign-out URL:
<Aurora url>/t5/s/<communityID>/v1/auth/oidcss/sso_logout_redirect/provider/<providerID>
Related topics:
Updated 5 months ago
Version 9.0