Single Sign-On (SSO)

You can access Celoxis with corporate credentials if SAML-based SSO is enabled for your account. After you enable this, it implies that all your user's authentication is managed entirely outside of Celoxis. Celoxis supports the following IDP's:

  • Google
  • Salesforce
  • Okta
  • OneLogin
  • Microsoft ADFS

Setting Up SSO

Before you begin with the setup, ensure the following:

  • Your SSO Identity Provider (IDP) is SAML 2.0 based.
  • All your users, clients have unique email addresses.
     

Step 1: Enable SSO in Test mode

  1. Login to Celoxis with a user having administrator privileges.
  2. From the user photo on top-right, click on Administration.
  3. From the left-hand options, click on Company Information.
  4. Navigate to the Single Sign-On tab.
  5. From the Status row, click on the Test radio button.
  6. From the options below, copy the ACS URL. This will be required to setup your IDP.
    After you have setup your IDP, enter the following details:
  7. Enter the IDP Entity ID. This is provided by the IDP.
  8. Enter the IDP URL. This is the address of your IDP which will be contacted for autheticating users.
  9. Copy - Paste the IDP Certificate. This information is available in the certificate provided by your IDP.
  10. Click Save.
     

Step 2: Test your setup

  1. After your step 1 is complete, you should try login to Celoxis by clicking on the Connect via Single Sign-On link on the Login page.
  2. After you click on the above link, you will be prompted to enter the email address.
  3. After entering this, you are directed to your IDP login screen; if not already logged in, where you are prompted you to enter the Email and password.
  4. After successful authetication, you are directed to Celoxis Dashboard.
    If something goes wrong, have a look at our Common issues section under your respective IDP.
     

Step 3: Go Live with your SSO

  1. After you have successfully completed step 2, review your SSO details again.
  2. Then, click on Live.
  3. Click on Save.

You are now Live with your SSO authentication. After this,

  • All your users will only be able to login to Celoxis by using the email address only which is saved in the IDP.
  • Your clients will continue to be authenticated by Celoxis by using the credentials saved in Celoxis.
  • You will not be able to reset your password using the Forgot Password / Resend Login Info links.
  • When creating new users, you will not see the Login, Password fields.
  • If there was any issues in the setup and now you cannot login, please contact support@celoxis.com for resetting your SSO details.

Configuring SSO with different IDP's