Corporate Single Sign-On (SSO) allows you to use your corporate Identity Provider (IDP) to authenticate users when they sign in.
Prerequisite steps.
- You will need a verified domain name for your tenancy.
- Provide DataTrails with the tenancy ID and the verified domain name that you wish to use.
Once these prerequisites have been met, DataTrails will enable SSO on your tenancy and configuration can begin.
Obtaining a verified name for your tenancy.
- Email support@datatrails.ai
  - Use an email address from the domain that you wish to verify
  - For example, mail us from @datatrails.ai to verify the datatrails.ai domain tenancy
- We will send you a confirmation email for your request.
Generic SSO configuration
Customer IDP config.
- Create app registration in your IDP (typically named “DataTrails”) with the following settings:
  - Auth type / sign-in method: OIDC
  - Application type: Web app
  - Login URI: https://app.datatrails.ai/login
  - Callback URI: https://b2carchivistprod3.b2clogin.com/b2carchivistprod3.onmicrosoft.com/oauth2/authresp
  - Enable auth and refresh tokens for grant types (where appropriate)
- Configure other settings according to customer IT requirements
- Add users to the newly configured app registration
Customer DataTrails config.
- Go to Settings → General
- Complete Enterprise Single Sign-on fields
  - Enter OIDC Config URL as per guidance from IDP
  - Enter client ID and secret from previously created IDP app registration
  - Enter issuer (this can be retrieved from the OIDC Config URL)
- Click save. Note that it can take up to 15 seconds for the configuration to save.
The customer can now log in using the SSO button on the DataTrails login screen by providing their Verified Domain name.
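The issuer is the `issuer` field of the JSON document served at the OIDC Config URL. The following added example (not DataTrails code) reads that field and checks it against the URL the document came from, as OpenID Connect Discovery requires, before you paste it into the settings form. The IDP host `idp.example.com`, the sample document and the function name `issuer_from_discovery` are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"

# Constructed sample discovery document; idp.example.com is a placeholder IDP.
SAMPLE_CONFIG_URL = "https://idp.example.com/tenant1" + WELL_KNOWN
SAMPLE_DOC = json.dumps({
    "issuer": "https://idp.example.com/tenant1",
    "authorization_endpoint": "https://idp.example.com/tenant1/authorize",
    "token_endpoint": "https://idp.example.com/tenant1/token",
    "jwks_uri": "https://idp.example.com/tenant1/keys",
    "grant_types_supported": ["authorization_code", "refresh_token"],
})


def issuer_from_discovery(config_url, body):
    """Return (issuer, problems) for a discovery document fetched from config_url."""
    doc = json.loads(body)
    issuer = doc.get("issuer")
    if not isinstance(issuer, str) or not issuer:
        return None, ["discovery document has no issuer"]
    problems = []
    parts = urlsplit(issuer)
    if parts.scheme != "https" or not parts.netloc:
        problems.append("issuer is not an https URL")
    if parts.query or parts.fragment:
        problems.append("issuer contains a query or fragment")
    # OIDC Discovery: the issuer must be the exact prefix the document is served under.
    if issuer.rstrip("/") + WELL_KNOWN != config_url:
        problems.append("issuer does not match the OIDC Config URL")
    for field in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        if not str(doc.get(field, "")).startswith("https://"):
            problems.append(f"{field} missing or not https")
    # When the field is absent, the spec default is authorization_code + implicit.
    grants = doc.get("grant_types_supported", ["authorization_code", "implicit"])
    if "authorization_code" not in grants:
        problems.append("authorization_code grant not advertised")
    return issuer, problems


if __name__ == "__main__":
    issuer, problems = issuer_from_discovery(SAMPLE_CONFIG_URL, SAMPLE_DOC)
    print("issuer:", issuer)
    print("problems:", problems or "none")
```

The comparison is strict by design: an issuer that differs from the config URL prefix is reported for review with the IDP administrator instead of being accepted silently.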