Administration

OpenEMIS SSO Configuration

Name: OpenEMIS Core
Article Name: SSO Configuration
Category/Module: Administration
Tags: SSO, Setup, Manage
Version: 3.8.1
Date Updated: 28 Dec 2016

 

Purpose: 

The Single Sign-On  feature is an safe alternative to credential loss. This User Authentication service that permits a user to use one set of login  credentials (e.g. name and password) to access multiple applications.

Features:

SSO Configuration (Google Authentication)

Screen Shot 2017-03-22 at 2.05.37 PM

1) Go to OpenEMIS Core

2) Go Administration > System Setup > System Configurations

3) Select Authentication for dropdown list

Screen Shot 2017-03-22 at 2.05.47 PM

4) Select Edit button

Screen Shot 2017-03-22 at 2.05.57 PM

5) Select Value = Google

Screen Shot 2017-03-22 at 2.09.48 PM

Screen Shot 2017-03-22 at 2.17.24 PM

6) Go to https://console.developers.google.com/

7) Login using your Google Account, and you will be re-directed to the homepage of Google console Developer.

Screen Shot 2017-03-22 at 2.19.10 PM

8) Select on Create Project option from the Drop-Down list.

Screen Shot 2017-03-22 at 2.22.10 PM

9) Enter the Project Name, and select on Create button.

Screen Shot 2017-03-22 at 2.46.00 PM

10) Page will re-directed to the created project displayed above, go to Credentials tab.

Screen Shot 2017-03-22 at 2.50.51 PM

11) Select on Create credentials > OAuth client ID

Screen Shot 2017-03-22 at 2.54.24 PM

12) Select on Configure consent screen.

Screen Shot 2017-03-22 at 2.53.12 PM

13) Enter the Product Name > Save.

Screen Shot 2017-03-22 at 2.56.59 PM

Screen Shot 2017-03-22 at 3.04.07 PM

Screen Shot 2017-03-22 at 3.05.14 PM

14) Select on Web application radio button, we will have to go back to OpenEMIS Core and copy the Redirect URI text and copy to the Authorised redirect URIs field in the Google Developer Console Credentials > Create.

Screen Shot 2017-03-22 at 3.07.01 PM

Screen Shot 2017-03-22 at 3.12.12 PM

15) Page will display the Client ID and Client Secret, which you will have to copy and paste it into the respective fields in OpenEMIS Core.

16) Select to Allow User Creation > Save.

Allow User Creation =  Yes: Once they login using their Google Account, it will check if this username exists in OpenEMIS Core, if user does not exists, it will create a new account for the User where the username will be according to your Google username.
Allow User Creation =  No: Once they login using their Google Account, it will check if this username exists in OpenEMIS Core, if user does not exists, there will not be any account created.

Screen Shot 2017-03-22 at 3.24.37 PM

17) Once you logout and login, you will no longer see fields to login your credentials, select Login.

Screen Shot 2017-03-22 at 3.25.14 PM

18) You will be able to login successfully and view the modules, based on the permission access.

SSO Configuration (OAuth 2.0 with OpenID Connect)

1) Go to OpenEMIS Core (demo.openemis.org/core)

2) Go Administration > System Setup > System Configurations

3) Select Authentication for dropdown list

1-system-configuration-authentication-2016-10-27-at-8-59-48-am

4) Select Edit button

2-oauth2-0-with-openid-connect-2016-10-27-at-9-00-01-am

5) Select Value = OAuth 2.0 with OpenID Connect

3-enter-openid-configuration-uri-2016-10-27-at-9-04-02-am

6) Enter OpenID Configuration URI. In this case, enter: https://dmo-prd.openemis.org/portal/.well- known/openid-configuration

The following URI will be auto populated
o Authentication URI
o Token URI
o User Information URI
o Issuer
o Public Key URI

4-enter-user-mapping-as-user_login-2016-10-27-at-9-04-19-am

7) Enter Username Mapping as user_login

5-go-portal-2016-10-27-at-9-05-03-am

8) Go to Portal (eg. https://demo.openemis.org/portal/wp-admin)

9) Login with Username and Password

6-go-oauth-server-settings-2016-10-27-at-9-05-48-am

10) Go to OAuth Server > Settings

7-go-clients-tab-and-add-new-client-2016-10-27-at-9-06-08-am

11) Select Clients tab > Add New Client

8-enter-the-redirect-uri-from-core-2016-10-27-at-9-06-35-am

12) Enter the Client Name, Copy the “Redirect URI” from Core (please refer screenshot Step 3 or 4)\ Paste in Portal’s “Redirect URI”

13) Select Add Client button

9-copy-client-id-paste-in-core-2016-10-27-at-9-07-33-am

14) Copy Client ID from Portal and paste into Core Client ID.

10-click-on-show-secret-2016-10-27-at-9-07-40-am

15) Select on the Client Name that has been created in Step 12 > “Show Secret”

12-click-save-2016-10-27-at-9-07-51-am-copy

16) Copy Client Secret and paste into Core Client Secret > Save

15-system-redirect-to-portal-2016-10-27-at-9-40-34-am

17) Open a new browser > Enter https://demo.openemis.org/core > Ensure the system direct user to portal website

17-switch-products-2016-10-27-at-9-45-18-am

18) Enter the URL in order to switch products using same user login

 18-repeat-steps-from-1to17-in-dashboard-2016-10-27-at-9-46-52-am 19-repeat-steps-from-1-17-2016-10-27-at-9-47-11-am

19) Repeat step 1 to 17 for Dashboard and Integrator

Tags: , ,

  • The Author
  • Dec 28, 2016
    Modified 6 years ago

Related Articles

  • Rules – Institutions

    Name: OpenEMIS Core Article Name: Rules Category/Module: Institution Tags: Institution General Date Updated: 1 July 2019 Version: 3.43.3 Purpose : This is to record the business logic Module : Institutions Page  Rules View...
  • infrastructure overview land

    Manage Overview – Infrastructure

    Name: OpenEMIS Core Article Name: Manage Overview – Infrastructure Category/Module: Administration, Institution Tags: Overview, Infrastructure Version: 3.75.21 Date Updated: 16 Aug 2022 Purpose: This Manage Overview – Infrastructure feature allows you to: Record...

  • Education Structure

    Name: OpenEMIS Core Article Name: Education StructureCategory/Module: AdministrationVersion: 3.75.21Date Updated: 15 Aug 2022 Purpose: This feature allows adding of education systems and to copy the education structure for the next academic period...

  • System Configurations

    System configuration serves several purposes like optimizing performance, functionality, and security of computer systems. For example, customising and configuring accessibility options for security and standardization Here are the list of...