Overview

Single Sign-On (SSO) enables anyone at your company with a currently valid company email address to access Event Lists, Briefs and more, all without needing an EventGeek account. 

SSO runs on a technical standard (SAML) that be implemented on its own or through a vendor, such as Okta.com.

~

Technical Setup Instructions

The following details should be provided to your IT manager in charge of SSO.

In the SSO setup, your company is the Identity Provider, while EventGeek is the Service Provider.

The necessary Database Table saml_identity_providers:

  • org_id
  • email_domain
  • target_url
  • certificate

As the Identity Provider, please configure your server with:

Then, please contact us with your:

  • Identity Provider Certificate (.pem) → certificate
  • Identity Provider Login URL → target_url

We will create a record in saml_identity_providers table for your domain and Org. Then your Org will be ready to run SSO.

~

How does the flow work?

  1. User fills their company email in first step of login.
  2. If the emails domain matches with any of the records in "saml_identity_providers" table additional "Log in with {{Org Name}}" button is shown above all login options in the next step.
  3. When clicked on that button the user is redirected to "target_url".
  4. Identify Provider checks the users identity either by already existing cookie or asking them to log in via internal credentials.
  5. Redirects to our Assertion Consumer Service URL along with encrypted SAML response.
  6. Service Provider checks that response is correct and logs the user in.
Did this answer your question?