SSO Support for Multiple Identity Providers
Organizations are now able to provide their people single sign-on access to 4me using more than one identity provider, such as Microsoft Azure Active Directory, Okta, OneLogin or Google Cloud Identity. The Add button in the toolbar (the one with the big + sign) is available for account owners in the ‘Single Sign-On’ section of the Setting console to set up multiple SSO integrations with different identity providers.
The first single sign-on configuration that is defined in a 4me account is automatically named ‘Primary’. When people need to access this 4me account, they can simply continue to use the URL of the account, e.g. https://widget.4me.com.
When another SSO configuration is added, the Reference field becomes available to give this configuration a unique identifier. As soon as a second SSO configuration has been defined, it is possible to also specify a reference for the first.
If users attempt to access the 4me account of their organization using the account’s URL without specifying one of the references at the end (e.g. by going to https://widget.4me.com), 4me will contact the identity provider specified in the ‘Primary’ SSO configuration. Or, if a value has been entered in the Reference field of all SSO configurations, 4me will contact the identity provider specified in the SSO configuration that is presented at the top of the list of SSO configurations. The account owner can move an SSO configuration to the top of the list by dragging and dropping it there.
When someone needs to make use of a specific SSO configuration that is not the primary one, this person should not use the account’s normal URL (e.g. https://widget.4me.com). Instead, the account owner should inform this person to use a special URL that ends with the Reference field value (e.g. onelogin).
Using the example URL and reference, the special URL that makes use of this SSO configuration would be: https://widget.4me.com?sso=onelogin.