Enabling Single Sign-On (SSO)

iManage Share supports Single Sign-On (SSO), which enables organizations to manage user authentication within a single system (or provider) used within their organization.
For example, if organization uses Microsoft Active Directory Federated Services (AD FS) as the Identity Provider, users can use their Active Directory credentials to logon to iManage Share.

NOTE:

If the users want to use their iManage Share password to logon to iManage Share when the SSO is enabled, they can bring up the password field on the Sign In page by appending ?sso=false to the sign in URL. For example, https://www.imanageshare.com/?sso=false.

  1. Select the

    images/download/thumbnails/9407639/Blue-Down_Arrow.png

    icon next to your name at the top.

  2. Select Settings.

  3. On the Company Profile tab, select Edit next to Single Sign On at the bottom.

  4. Select the Enable check box.
    The Single Sign On tab is displayed, as shown in the following figure:

    images/download/attachments/9407639/image2019-10-24_20-14-30.png


    1. Identity Provider URL: Identity Provider's login end-point URL.

    2. Logout URL: Identity Provider's logout endpoint URL.
      To get these URLs, you must add a Relying Party Trust. For more information, see Adding a Relying Party Trust.

      NOTE:

      In addition, you must add claim rules for the Relying Party. For more information, see Adding Claim Rules for the Relying Party.


    3. KEY (SAML) : Copy & Paste the contents of the public key file starting with
      "-----BEGIN PUBLIC KEY----" and ending with "----END PUBLIC KEY-----
      OR the certificate key file starting with
      "-----BEGIN CERTIFICATE ----" and ending with "----END CERTIFICATE —— of the SSL certificate used to sign the SAML Assertion/Token into this text box and select Update.

When the administrator or a user with administrative privilege updates the SSO Public Key, the following details are displayed below the text box:

  • Key last updated: Displays the date and time when the key was last updated.

  • Key last updated by: Displays the user who last updated the key in the 'Name (email id)' format.

    NOTE:

    • The default status for both parameters is Not Available.

    • Last updated information is only stored for updates made going forward. Date/time and user information for updates made in the past are not recorded.