Setting up Single Sign-On

Single Sign-On (SSO) allows you to integrate Jive authentication with an external identity provider.

You can use Jive's local database storage to authenticate users out of the box; this is a default setting. However, you may find it useful to integrate your external identity provider with Jive so you can centralize identity management and provide your users with a consistent login experience. We recommend you to implement SSO as part of a larger audience profile synchronization effort that includes LDAP and SAML.

Getting set up

If you already have a Jive community with more than a few users set up, you need to plan a migration strategy before you implement SSO, particularly if you plan to use SAML or Kerberos. If you implement SSO without migrating users first, you orphan your existing users — information they contributed to the community still exists, but they are unable to log in under the credentials that created that content. If you need help migrating your user data to another authentication scheme before you enable SSO, you should contact Jive Professional Services.

• Understanding SSO with SAML When you implement single sign-on (SSO) with SAML 2.0, information for each user is passed from the identity provider in the form of a digitally-signed XML document.

• Getting ready to implement SAML SSO Before you begin configuring a SAML SSO implementation, you should know the requirements and best practices.

• SAML identity providers Jive can be integrated with a wide variety of SAML IdPs.

• Configuring SSO with SAML Here you can find SAML configuration for your community. You can set up single sign-on with a SAML identity provider, or enable, disable, or tweak a configured SAML SSO configuration.

Please consult Jive Professional Services for comprehensive setup assistance.

• Understanding SSO with Kerberos When you implement single sign-on (SSO) with Kerberos, LDAP handles all the authorization and user synchronization, while Kerberos handles authentication.

• Understanding SSO with external login When you implement single sign-on (SSO) by using an external login, users can choose to log in by using Facebook Connect, or Google OpenID Connect.

• Configuring SSO with external login Here you find instruction on enabling SSO with Facebook Connect and Google OpenID Connect.

• SSO global settings reference The general SSO settings described here apply to all configured SSO implementations.

Related

Configuring community