Federated Authentication

Source: This article refers to Federated Authentication


1 Introduction

In order to improve security while streamlining access to Field Service mobile applications, Coresystems has integrated Federated Authorization using SAML 2.0 and Microsoft Active Directory. This provides users with Single Sign-on access to all Field Service Mobile applications while protecting sensitive account information.

Note: In addition to Microsoft Active Directory, Coresystems also supports any SAML-compliant Identity Provider for Federated Authentication.


2 Federated Authentication Overview

This section provides an overview of the components involved in Federated Authentication, and how they relate to another.


3 Configuring Fed Auth for Field Service Mobile

3.1 Prerequisites

  • MS Windows Server 2008 R2 and Active Directory role.
  • ADFS 2.0. You can download the appropriate version from Microsoft
ATTENTION: Do NOT install the ADFS provided with the Win Server 2008 R2, as this version includes ADFS version 1.1.

3.2 Add Relying Party Trust

Note: These instructions are ONLY for Microsoft Active Directory.


3.3 Configure Claim Rules

Note: These instructions are ONLY for Microsoft Active Directory.


4 Configure the Cloud Account in the Admin portal

Please note the following:

  • SAML is configured by default for ALL accounts
  • SAML is configured by default for ALL users

The steps contained in this section are only required for accounts for which SAML is not automatically enabled.


4.1 Add New SAML configuration

Attention: This feature is only available for administartors and consultants.


4.2 Configure Account’s Default Authentication Method

This setting ensures that all new users of the account will use the specified authentication method.


4.3 Configure User’s Authentication

A user can log in either via password (by default) or via SAML. In order to ensure that the user logins in via SAML, complete the following steps:


5 Post-Configuration

5.1 Web App Login

  • After entering the cloud account name on login, users will be directed to the external login page.
  • If SAML has NOT been configured for the user, they can still login directly to the application using their cloud credentials using the following url: https://apps.coresystems.net/workforce-management/#/login/password/
  • If SAML has been configured for the user, they are always directed to the external login page.

5.2 Mobile App Login

  • After entering the cloud account name on login, users will be directed to the external login page.
  • When selecting back from this screen, it is possible to enter all details (including user and password) even if the account is configured for SAML.
  • If SAML is NOT configured for the user, they can directly login to the application with their cloud credentials.
  • If the user has SAML configured, they will be directed to the external login page.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.