Skip to content

Commit

Permalink
ICM-37611 - Update configure-sso-via-saml.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@yernarmailyubayevgcore
yernarmailyubayevgcore authored Dec 26, 2024
1 parent 6d0a830 commit 3eff8f7
Showing 1 changed file with 19 additions and 1 deletion.
20 changes: 19 additions & 1 deletion documentation/reseller-support/manuals/configure-sso-via-saml.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,4 +92,22 @@ Enter the corporate domain for which SSO authorization is connected and click "S

<img src="https://assets.gcore.pro/docs/reseller-support/manuals/configure-sso-via-saml/reseller-sso-30.png" alt=" SSO authorization" width="50%">

3\. Enter your username and password and log in.
3\. Enter your username and password and log in.

## Supporting IDP-Initiated Login

In cases where the identity provider (IdP) initiates the login, specific configurations are required to ensure the redirection flow works correctly. Our implementation primarily supports Service Provider (SP)-initiated login. However, with certain adjustments, IdP-initiated login can also be facilitated as follows:

1\. Redirect to SP Login Endpoint: Configure the IdP to redirect login requests to the Gcore Service Provider endpoint: `auth.gcore.com` or if you have a custom domain, use the custom domain URL: `auth.example.com`.

2\. Update Gcore Portal Settings: In the Admin Portal, ensure that the "SSO Login" authorization method is active and correctly configured to handle the incoming requests from the IdP, also if you want you can force redirect to the Identity provider by enabling the option.

3\. Modify IdP Settings: Adjust the IdP settings to require SP-initiated login. When users attempt to log in from the IdP, they should be redirected to the Gcore portal login URL (`auth.gcore.com` or `auth.example.com`) before being authenticated by the IdP.

4\. Verify Redirect Flow: Ensure the redirect flow proceeds as follows:
- User clicks "Login to Gcore Portal" on the IdP.
- The request is redirected to `auth.gcore.com` or `auth.example.com`.
- The user is then redirected back to the IdP for authentication.
- Upon successful authentication, the user is logged into the Gcore portal with the correct domain settings.

By implementing these steps, the IdP-initiated login scenario can be handled seamlessly while maintaining the security and integrity of the SSO process.

0 comments on commit 3eff8f7

Please sign in to comment.