Setting up SSO
BLOCKS supports Single Sign-On (SSO) using Security Assertion Markup Language (SAML). By setting up SSO, those with user accounts registered with your company's Identity Provider (IdP) can use SSO to log into BLOCKS.
info_outline BLOCKS supports SAML 2.0 and acts as the Service Provider (SP).
The process for setting up SSO is as follows:
warning This guide assumes that you already have your IdP set up. For help with IdP setup, please contact an IdP vendor that supports SAML 2.0.
info_outline This is not shown for organizations that have configured SSO unless signed into BLOCKS through single sign-on.
Open the organization settings screen.
Switch to the organization for which you will set up SSO.
Click on the organization menu in the global navigation bar again to display the drop-down list.
Click the gear icon (settings_applications) next to the organization’s name.
For security purposes, you will need to enter your password to continue. Enter your password and click Send. You can check Do not show this again to remove the password protection for one hour. This will also remove the password protection from the user settings menu.
info_outline This prompt will not show up again if you click the organization settings icon (settings_applications) again (or click the user settings menu) within one minute of entering your password. However, it will always appear if you switch to a different organization and click its organization settings icon (settings_applications).
Click SSO from the menu in the left sidebar.
Under Enable/disable, enable SSO.
Under Allow normal login, you can configure whether or not to also allow the normal login when using SSO.
This setting is designed for confirming your SSO connection. We suggest using this setting to check that your SSO is working correctly, after which you should disable this setting.
info_outline You cannot use the normal login if this setting is turned off, so you cannot access the SSO settings. As such, you will not be able to revise your SSO settings if there are any mistakes. As such, we suggest turning this on when setting up your SSO. For security reasons, you should turn this off after confirming your SSO connection works properly.
Enter information into the following required fields:
- Login URL: Enter the SAML request destination URL.
- Logout URL: Enter the IdP URL that will be shown after logging out of BLOCKS.
- Change password URL: Enter the IdP URL to be shown when changing the password.
- IdP Certificate (PEM format): Click Select File and upload your PEM format IdP Certificate file.
info_outline The contents of your Entity ID and Consume URL will be shown after you click Save.
To confirm your SSO connection, stay logged into BLOCKS and try signing in again through SSO with a different browser.
Click Close in the upper-right to exit the organization settings menu.