SSO offers a user-friendly approach to log into multiple applications or platforms using a single set of credentials. This document outlines our company's guidelines for SSO integration.
To enable this feature, you must have a teams account and hold the owner role. Once enabled, All members will be able to log in using your identity provider.
Additionally, any new users opting for SAML authentication will seamlessly integrate into your organization, streamlining the onboarding process.
How It Works
The user can use either of these methods:
Member attempt to log in to Wave Connect (Wave) by entering his/her email address.
The user attempts to login by clicking on the SSO button and entering the organization username (this can be found and configured under your organization settings on Teams by Wave Connect).
Wave Connect sends a request to the identity provider.
The identity provider checks this member's credentials.
The identity provider sends a response to Wave to verify the member's identity.
Wave accepts the response and logs the member into their Wave account.
Note: Email aliases do not work with SAML SSO.
SAML - What We Need
To integrate with our system, we will need the following:
The provider's Entity ID: A name that identifies the identity provider.
The provider's SSO URL: The URL of the identity provider's sign-in page.
The provider's public key certificate: The certificate used to validate tokens signed by the identity provider.
SAML - What You Will Need
To link our authentication system to your SSO, you will need to add Assertion Consumer Service, or ACS URL, tells the IdP where to redirect an authenticated user after sign-in
https://app.wavecnct.com/__/auth/handlerYou'll also need to add the our Service Provider Entity ID:
wave-connect