How can admin enable SSO-based login with greytHR?

Single sign-on (SSO) allows users to access multiple applications and websites using a single set of credentials for authentication. To enable the SSO-based login with greytHR, the admin must follow the following steps:

1. Enable SAML SP feature.

2. Get inputs from client to enable the SAML configuration in greytHR.

3. Upload metadata.xml or Certificate file.

Let us learn how to perform these steps in detail.

Enable SAML SP feature 

To enable the SAML SP feature, the admin must perform the following actions:

1. From the greytHR Admin portal, click the Settings icon > My Account > New Features. The New Features page opens.

2. From the list of features, search for SAML SP.

3. Click the card. The card expands.

4. Click the Enable this feature button. The Enable Feature pop-up appears.

5. Click Confirm to enable the SAML SP feature.

After enabling the SAML SP feature, the next step is to gather the requirements from the clients.

Get inputs from client to enable the SAML configuration in greytHR

The following are the requirements that must be gathered from the client to proceed further:

After getting the inputs from the client, the next step is to upload the metadata.xml or the certificate file.
Note: You can either upload the metadata.xml or the certificate file on the SAML Settings page.

Upload metadata.xml or Certificate file

To upload the metadata.xml or the certificate file, the admin must perform the following actions:

1. From the greytHR Admin portal, navigate to the Settings icon > System Settings > Miscellaneous > SAML Settings. The SAML Settings page opens.
   
    
   
   

2. Under the SP COnfiguration section, the information such as the SSO Application Name, SP Employee Consumer URL, SP Admin Consumer URL, and SP Entity ID reflects as per the client requirements. 

3. Under the IDP Configuration section, you can upload the metadata.xml or the certificate file.

   1. To upload the Metadata file, click Upload metadata. Search for the required file from your computer system and click Open. The file uploads.

   2. To upload the Certificate file, you must first ensure to open and save the file in .x509 format. In the Certificate textbox, copy the content of the certificate.

4. Select the SAML Name ID Mapping option as Email/Employee Number/Login Name.

5. Click Test & Apply. The SAML Settings Manual Testing Criteria pop-up appears.
   
   

6. Select the I have manually tested the URL & it is working successfully checkbox after manually testing the SAML connection using the URL.

7. Click Apply to update the customizations. A success message appears.

After the configuration is done, if you use the SAML URL and are already logged into the domain, it will redirect you to the Employee page of the greytHR application. Or you will land on the SSO login page where the employee has to provide proper details as per SSO configuration to authenticate to the application. 

 Click here to subscribe to our help videos 

Related Links:

Video: To watch videos on greytHR, click here.

FAQs: To read more FAQs about SAML, click here.

Documentation: To learn more about SAML, click here. 

Product Update: To read about the product update, click here.