Enterprise - Coviu and SSO

This article outlines the SSO integration options available to our Enterprise clients.

Last Updated: Oct 2021

This article is aimed at SSO System Administrators.

You will need Coviu Platform Administrator access to undertake the following Coviu SSO configuration activities or, undertake these actions in conjunction with your Coviu Platform Administrator.

The ability to integrate Coviu with your organisation's Single Sign-On system is available to clients on a Coviu Enterprise plan. Currently, we can offer integration with Azure and on-prem ADFS SSO systems.

  • Azure - Further information for Azure can be found here but should not be actioned until all parties are ready to execute.
  • On-prem ADFS - Further information for on-prem can be found here but should not be actioned until all parties are ready to execute.

    FAQs

    1. Which SSO technologies do we integrate with?
      1. Azure ADFS.
      2. on-prem ADFS.
      3. If your organisation uses another means for SSO, let us know. Register your interest with your Coviu account representative.
    2. Do we support SAML 2.0?
      1. Yes, SAML 2.0 is the protocol we support at the moment.
    3. Is our product (Coviu) listed in the Azure Marketplace/Gallery?
      1. No. Not at this stage.
    4. Authentication state?
      1. Forms based.
    5. Do we allow unique identifiers other than a users email address?
      1. No. At this stage, we require all user identifiers to be their email address.
    6. Do we require Microsoft ADFS 3.0 to encrypt assertions to protect data leakage of sensitive information passed back to Coviu during logon?
      1. We don't support this extra layer of encryption at the moment.
    7. Do we require the Microsoft ADFS 3.0 to sign their assertions?
      1. Yes, we validate the signatures when we receive a request/response from Microsoft ADFS 3.0.
    8. What is the process?
      1. Your Coviu account representative will provide the necessary configuration specifications to get you ready for SSO for integration.
      2. This will include instructions on what configuration items we need from you to activate SSO at our end.