Single Sign On

Single Sign On overview, current Support, and Workflows

Single Sign On (SSO) is offered as an option for customers who want to control access to SiteLine using their company's network credentials.    Please contact your VueOps account representative if your company is interested SSO. 

VueOps offers SSO so you can access SiteLine with your company credentials and your application administrators can control access to SiteLine based on user status, i.e. active employee, former employee. SSO:

  • Prevents employees and contractors from “evergreen” access to VueOps
  • Remove access for ex-employees and contractors
  • Is a component of good security Hygiene

How SSO works

Essentially, SSO is an alternative to logging in with a user ID and password.  VueOps sets up a 'trusted' relationship with a customer's identity provider (IdP), which allows the user to access SiteLine with their company credentials.  

SSO Configuration

SiteLine currently supports the following SSO configuration:

  • One customer IdP for each SSO connection.  SiteLine SSO is tested with PingIdentity®.  Contact your VueOps account representative if your company uses a different IdP
  • Multiple customer domains that are supported by the customer's IdP
  • SAML IdP communication protocol. Contact your VueOps account representative if your company requires a different protocol

Pre-requisites

  • Customer should provide a list of domains supported by its IdP to VueOps for SSO configuration
  • Customer's IT and VueOps technical representatives configure their respective IdP services to connect with one another
  • Customer's Administrator should assure that users authenticate in company's IdP

New User Workflow

The steps that follow describe the flow for adding a SSO user in SiteLine, once the pre-requisites are met.

SiteLine admin creates a user 

To create a user, please refer to the Knowledge Base article entitled Adding Users in SiteLine.
 

For SSO enabled accounts, new users will receive an invitation email with a link that initiates the SSO flow.  The link redirects to their IdP's login page. On successful authentication, it redirects back to the user’s SiteLine landing page

 

Existing User Workflow

  1. Login: https://app.vueops.com/login
  2. If SSO is enabled, the log in form will only ask for your email address
  3. Enter your email (the field is case sensitive)
  4. Click ‘Continue’   





  5. You will be re-directed to your company's log in page (Microsoft is used in this example)
    image-png-Jul-21-2022-12-36-45-64-AM








  6. Upon successful authentication, you will be re-directed to your SiteLine landing page.

Forced Logout

SiteLine requests user authentication from your company's IdP each time a user logs in. The application will log a user out if their session is inactive for more than 30 minutes. Users simply log back in to work in SiteLine.  This mechanism assures that users cannot access SiteLine if their IdP authentication has been revoked.

Revoked IdP authentication

SiteLine authentication will not proceed if a customer’s IdP authentication has been revoked. The login flow will end at the IdP login with a message that indicates the user name or password is not valid.  If you receive this message by mistake, please contact your company's IT department to confirm you company credentials.

Remove User

After a user’s IdP authentication has been revoked they they cannot authenticate in SiteLine. However, your SiteLine admin must still remove them from the SiteLine User Management page. Please refer to the VueOps Knowledge Base article entitled How to edit - remove users in SiteLine