Single Sign-On Integration

Add-On Feature

The following article contains instructions about a feature that is only available to accounts that have added this add-on feature. For information about enabling this feature on your account, please your CSM or support at support@fountain.com.

Fountain supports the Single Sign On (SSO) functionality for users. Companies that want their employees to use centralized, company-controlled single sign-on or “SSO” to log into Fountain can add Fountain as a “service provider” (login destination) to many cloud and on-premise identity providers, as well as to custom authentication solutions that support the SAML 2.0 standard. This article will help you set up SSO with Fountain for your organization.

What's Covered 

 

Get Started with SSO

In order to setup the SSO configuration, you'll need to create an account by reaching out to Fountain team hereAlready contacted Fountain support them? Please skip to the next section.

 

Provide Fountain with SAML Metadata

  1. Reach out to your CSM or support@fountain.com to enable SSO for your account.
  2. Fountain will provide a dummy app to configure against
  3. Use the IdP ID, ACS (Assertion Consumer Service) URL, and Audience URI to generate the Metadata XML
  4. Provide the Metadata XML to Fountain to configure the SSO on the Fountain Side.
  5. Example:
    Assertion Consumer Service URL: https://fountain.okta.com/sso/saml2/0oa6jonjnq2BHfqbg416
    Audience URI: https://www.okta.com/saml2/service-provider/spbbhfcdzvrzouiihdcg
    IdP ID: 0oa6jonjnq2BHfqbg416

Fountain Configures the XML Metadata

  1. Fountain takes the information provided by your organization to configure the SSO
  2. Fountain generates the 3 secrets to configure on your organization 

Configure SSO using 3 secrets

  1. Take the Fountain shared secrets to configure your organization's SSO
  2. After the configuration, we will generate the final Secrets for ACS URL, Audience URI, and IdP ID
  3. Please ensure the SAML assertions contain the following keys:
    1. firstName
    2. lastName
    3. email
    4. timezone (optional)

User Sign In

Was this article helpful?
1 out of 1 found this helpful

Comments

0 comments

Please sign in to leave a comment.