OpenId Connect (OIDC) is our recommended protocol for setting up SSO, ahead of SAML2p. This page contains a general guide on how to set up single sign on using OpenId Connect.
If you are using Azure AD as your identity provider, we recommend using our Talentech app in the Azure app gallery, which will give a simpler setup process. The Azure AD guide can be found here.
Before you start following this guide, you should check if we have a more specific guide for your identity provider of choice in the section Provider specific guides.
SSO is a paid service, so to get started please get in touch with your Talentech contact person or contact firstname.lastname@example.org.
Our implementation consultants need to know the following bits of information:
Your identity provider’s OpenIdConnect discovery document URL, typically found at https://your-idp-authority/../.well-known/openid-configuration
A set of client ID and client secret that will be used to authenticate Talentech ID with your identity provider.
Once we get these pieces of info, we will create a configuration and send you the following urls, which need to be whitelisted in your system:
Post logout redirect URL
Once the setup is complete, the configuration can be tested. This will be done without affecting any of your active users.
We will send you a link that you can use to verify that the configuration is working correctly. This will trigger the login process by redirecting you from Talentech ID to your identity provider. Once you sign in, you’ll be redirected back to Talentech ID where you’ll be shown a test report (see screenshot 1).
If the test report indicates that everything works correctly, we can safely enable the SSO login option for all your users. This can be done at a time that suits you.
Screenshot 1 - Test login report summary
Provider specific guides
We currently have the following provider specific setup guides available. These which describe how to set up the SSO configuration in your identity provider: