SAP Knowledge Base Article - Public

2326938 - How do I enable single sign-on?

Symptom

How do I enable single sign-on?

Environment

  • SAP Roambi Cloud

Resolution

Roambi account administrators can enable Single Sign-On for their organization's Roambi account. Single Sign-On allows users of your Roambi account to authenticate using a known Identity Provider, such as Active Directory, LDAP or other Cloud SSO providers. Roambi uses the industry standard SAML 2.0 specification for Single Sign-On integration to your organization's identity provider. To configure Single Sign-On, follow these steps:

NOTE: After configuring and enabling SSO for your Roambi account, you must verify the settings by logging in (at least once). Once you have successfully logged into your account using SSO, your SSO settings will be active for all users.

  1. Login as an administrator to your Roambi account
  2. Navigate to the administration console by accessing the "Administration" button from the gear icon in the upper right corner of the Roambi home screen
  3. Navigate to the "Single Sign-On" section in the administration console
  4. By default, the Single Sign-On option is disabled. To enable Single Sign-On, tap the toggle switch to the right.
    1.png
  5.  Fill out the appropriate information for your SAML 2.0 connection and tap "Save" in the upper right.
  6. After SSO has been configured and enabled for your account, you must also verify the settings by logging in (at least once) using the SSO option. This will complete the steps required to enable SSO for your account.

 

Additional Notes:

  • The following table describes the configuration options on this page:
    Field Description
    Sign-In Page URL URL for the login page for your organization's SSO implementation. This is the SingleSignOnService Location for your IDP.
    Sign-Out Page URL URL for the logout page for your organization's SSO implementation.
    Verification Certificate X.509 certificate provided by your IDP. This certificate must contain your public key for verification. Roambi uses this key to validate the XML signature.
    Metadata Download this XML file from the Roambi server to provide your SSO provider with your Roambi configuration. For some IDPs, such as OpenAM, you can upload this XML file to configure your service provider. If you use this XML file to configure your IDP, you do not need to manually fill out the other fields in your IDP configuration panel.
    ACS URL Assertion Consumer Service (ACS) URL. Copy this URL and paste into the appropriate field in the configuration panel for your IDP. After your IDP finishes authentication, it sends your browser back to the ACS URL with the response.
    Issuer Contains the value used by your IDP to confirm that the request is coming from Roambi. Copy this URL and paste into the appropriate field for your IDP, if applicable. (Not all IDPs use this field.)

Keywords

Roambi Cloud roam bi phone mobile , KBA , BI-ROM-CLD-SRC , Roambi Cloud Service , How To

Product

SAP Roambi Cloud all versions