Versions Compared

Old Version 2

changes.mady.by.user Keith Williams

Saved on

compared with

New Version Current

changes.mady.by.user Keith Williams

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

If you want to switch back to internal MyAccount Authentication, contact Zettagrid and we can switch you back.

SSO Summary

SSO login uses keycloak at https://zettagrid.me to authentication users for Zettagrid MyAccount.

...

Two Factor Authentication OTP setup is not synchronised between internal and SSO.

SSO usage information

Users should notice little change except they will be redirected to authenticate at https://zettagrid.me instead of within Myaccount.

Main Login page

Login to MyAccount is now in two steps. First user is prompted to enter username then status is checked and user is either (a) prompted for password or (b) redirected to SSO server depending on their status.

SSO User

Users are first prompted for username:

...

The system confirms they are using SSO login then redirects them to the SSO server to authenticate.

...

Returning SSO User

When a user logs in with SSO a cookie is set to recognise them as an SSO user. MyAccount shows login page simplified with just an “Authenticate” button. Clicking the “Authenticate” button takes the user to https://zettagrid.me to authenticate - with the same dismissable redirect warning.

...

If the user selects the “remember me” option when authenticating then their username is remembered and pre-filled.

...

SSO and Two Factor Authentication

If a user has 2FA configured on the first login to SSO or when 2FA is enable on the user, they will be prompted to set up 2FA in the SSO interface. Note this will be a separate 2FA setup from the one used by internal authentication.

...

Once 2FA is configured, the user will be prompted for their 2FA code after entering password as shown below

...

Reauthenticate

When accessing sensitive data, users can be asked to re-authenticate. For SSO users the re-authentication is performed on the SSO server in the same way as logging in.

When an SSO user clicks the “Reauthenticate” button in MyAccount they are redirected to https://zettagrid.me/ to reauthenticate.

...

Security Options

The Security tab is available from the “Profile” menu. Users can change password and enable or disable 2FA.

...

Forgot Password

The forgot password link in Zettagrid SSO directs users to the MyAccount forgot password function and users to reset their password. Passwords are synchronised between internal and SSO authentication.