Login Integration

For the purpose of providing single sign-on (SSO) capability for Asset Vision, Scalable has developed support for the SAML 2.0 XML protocol for exchanging authentication and authorization data between a SAML authority (an identity provider) and a SAML consumer (a service provider). This protocol allows Asset Vision to authenticate users against a SAML 2.0 compatible authentication product.

The capability should work with any product supporting SAML 2.0, but has been tested against the following commercial products:

Support for Azure AD in Asset Vision SSO will be available in a future release.

SSO Enablement

SSO is not enabled by default at installation. The functionality may be requested any time by contacting your Scalable Software Account Representative or Scalable Technical Support at [email protected].

Once enabled, there will be a Login Management tab in the Admin section:

SSO Enablement

SSO Integration Options

Selecting the Single Sign On option allows the SSO provider information to be specified. Once configured, all login authorization is performed through the SSO provider.

  • Metadata File: This allows an SSO provider supplied metadata file to be used for the integration.
  • ADFS: this option requires information from your ADFS installation.
  • Manual Setup: This option allows manual entry of all data elements if an SSO provider metadata file is not available.

Metadata File

This option requires a metadata file from an SSO provider. To use the metadata file:

  1. Select the Import from Metadata File radio button
  2. Click the Browse... button next to the Metadata File: path box.
  3. Select the desired metadata file.
  4. Once the file is selected and loaded, click the Apply button.
  5. The UI will now change to Manual Setup, and the information from the metadata will appear in the Identity Provider field automatically (as shown in this example):
Metadata File

After the identity provider is configured, logging in to the Asset Vision instance (https://customer.live.scalable.com/live) will now redirect to the SSO provider logon.  Below is an example from Auth0:

Once the credentials have been confirmed, the user will be passed back to the regular Asset Vision user interface.

ADFS Integration

In the case when ADFS is used, but a metadata file is not provided, then this option can be used. Enter the following information:

  • Federation Service Identifier - ID provided by the ADFS provider.
  • Certificate File - Exported from the ADFS Certificate Export Wizard

Once these are entered, the required information will be inserted in the appropriate fields.

NOTE: For specific information on how to configure ADFS for use with SAML in your Asset Vision instance, click here for more information.

ADFS Integration

After ADFS is configured and defined in Asset Vision, logging in to the Asset Vision instance (https://customer.live.scalable.com/live) will now redirect to the ADFS SSO provider logon:

Once the credentials have been confirmed, the user will be passed back to the regular Asset Vision user interface.

Manual Integration

For any provider that does provide metadata files or is not ADFS, a fully manual setup interface is provided. Simply select the Manual Setup option in the Single Sign On section, and enter the appropriate information.