Enterprise - Implementing Coviu with SSO in your Organisation

This article explains the steps taken to integrate Coviu into your Azure Single Sign-On (SSO) system.

Last updated: Nov 2020

For technical information on our Azure SSO integration and more FAQ's, scroll to the bottom of this page.

For our process and information required, read on:

Engage your Corporate IT staff to undertake the following actions:

  1. Enter your Azure Active Directory and access your App Registrations (under Manage)
  2. Click the New Registration option
  3. Provide the following details:
    1. Name: (Your organisation name)
    2. Supported Account Types - this setting will depend on your organisation setting, but will generally be the Single Tenant option to only allow authentication by users in this Active Directory tenant
    3. Redirect URL:
      1. Select Web 
      2. https://<your coviu sub domain here>/sso/callback?domain=<your domain here>
      3. Your Coviu sub domain is the domain you provided to host the Coviu platform 
    4. Click Register 
  4. You should now have a new application registration available. 

Once the above steps have been completed, please return the below information to your Coviu account representative:

Your Coviu Platform Organisation Name

 

Your Coviu Platform primary contact, 

name and contact details

 

Your Endpoint URL

 

Your Application Client ID (issuer ID)

 

The date you wish SSO to be enabled for your organisation 

(Recommended that you discuss timeframes with your Coviu rep. Implementation should include some time for advising your colleagues that a change will be implemented and for adapting provided templates to suit your organisation and communications method)

 

Federation Metadata URL

Which can be found under the Endpoints option in your application configuration. 

 

Note:

Once the Federation Metadata URL and Application ID are configured by the Coviu team, the switch over is immediate for all users.

FAQs

  1. Do we integrate with other SSO technologies?
    1. No. But if your organisation uses another means for SSO, let us know. Register your interest with your Coviu account representative.
  2. Do we support SAML 2.0?
    1. Yes, SAML 2.0 is the protocol we support at the moment.
  3. Is our product (Coviu) listed in the Azure Marketplace/Gallery?
    1. No. Not at this stage.
  4. Authentication state?
    1. Forms based.
  5. Do we require Microsoft ADFS 3.0 to encrypt assertions to protect data leakage of sensitive information passed back to Coviu during logon?
    1. We don't support this extra layer of encryption at the moment.
  6. Do we require the Microsoft ADFS 3.0 to sign their assertions?
    1. Yes, we validate the signatures when we receive a request/response from Microsoft ADFS 3.0.