This feature allows you to set-up your community with mixed authentication i.e user can either login using Single Sign-On (depending o user added to the active directory) or IdeaScale login.
Once you have setup your SSO SAML 2.0 / 3.0 in your community, under "General Settings" you can enable an option called "Ideascale Email/Password Login" and Select All Members or respective Group from a dropdown "Members Allowed For Ideascale Email/Password Login" as shown in the below screenshot. This will allow either All Members or selected members linked to a respective Group to Login via SSO as well as Login with IdeaScale (SSO being the default login type).
- It does not create members. New user cannot join the community if they are not a part of this mixed SSO community.
- Member must be either uploaded or added so they can access community with mixed SSO.
- You can allow All members or user linked with specific group, who can use this mix SSO functionality.
- Our redirect page shows a link, this login should be eg: http://community.ideascale.com/a/sso/login
- You can increase the redirect time for login from Single Sign-on General settings.
User Experience with mixed SSO:
User will see both Log in as well as Login using IdeaScale button.
If you click on Log in button, you will be take to the SSO login page. You can use the SSO credentials to login to your community.
If you click on Login using IdeaScale button you will be taken to the standard IdeaScale login page. You can use your IdeaScale login credentials to login to your community.
Multiple Provider Single Sign-On:
IdeaScale supports Multiple Provider SSO along with the Single Sign-On for the community. Each community will have the settings to Enable / Disable the Multiple Provider SSO. Every community can have multiple IDP configuration. IDP configuration can be added / edited / deleted from the admin panel by the administrator.
How It works:
If the Multiple Provider SSO is enabled, the community login page will have a title showing us a list of enabled IDP configured. Users can select the desired method to login to the community.
When a community is set up with Multiple Provider SSO the user will get a screen like the above image. You simply need to select the appropriate SSO and login.
To learn more about SAML and setup, go through the below help articles: