Enable SSO on your JENTIS Account
A Single Sign-On authentication allows users from your organization to use the same login information for multiple services. At JENTIS, you can enable SSO so all users within your organization can login to our DCP using their current credentials registered on your Identity Provider (IdP).
Currently, this feature supports three Identity Providers (IdPs): Ping Identity Platform, Microsoft Azure Active Directory (Azure AD), and Okta, all with the SAML protocol. If your organization uses any of these IdPs, you can follow these steps to have it connected to your JENTIS account:
Step 1 - Setup an Identity Provider
Setup an IdP (Identity Provider) for your company and register all users with email addresses you would like to use with SSO. We currently support integration with Ping Identity Platform, Microsoft Azure Active Directory (Azure AD), and Okta.
When configuring it, make sure the SAML returned to JENTIS contains a NameID field with the email address of the user
Format definition = urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
How to setup Okta:
Create a developer account here: Home | Okta Developer
Create SAML integration following these steps: Create SAML app integrations | Okta
Create attribute statements following these steps: Define attribute statements | Okta
How to setup Ping Identity:
Create a developer account here: Identity Security for the Digital Enterprise
Create SAML integration following these steps: We’re here to help
Create attribute statements following these steps: We’re here to help We’re here to help
How to setup Azure AD:
Create an AzDo account here: Developer Program | Microsoft 365 Dev Center
Create SAML Integration:
Go to Microsoft Azure
Open Microsoft Entra ID
Add new Enterprise Applications -> Create your own applications
Use Integrate any other application you don't find in the gallery (Non-gallery)
Go through the getting started steps to Set up SSO and add users to your application.
Step 2 - Send the required information to JENTIS
Once your company already has an IdP (Identity Provider):
Create a test user JENTIS can use to verify if the integration works;
Ensure your DCP's callback URL is added to the identity provider: https://[your DCP’s domain]/sso/callback For example, https://myjentisdcp.jentis.com/sso/callback - always ending with /sso/callback.
on Okta, it should go under Single Sign-On URL
in Azure, it should go under Reply URL (Assertion Consumer Service URL)
in Ping Identity, it should go under ACS URLs
Open a ticket on our Helpdesk sending the following information from the IdP setup:
Issuer (URI) - Who is issuing the identity
EntryPoint (URL) - Where to redirect for SSO
Certificate - Secret key
Test User credentials
On Okta, once you enter the application you created, you’ll find this information under Sign On > Settings > Sign On methods.
Issuer (URI) = Issuer EntryPoint (URL) = Sign on URL Certificate = Signing Certificate
On Ping Identity Platform, once you enter the application you created, you’ll find this information under Configuration > Connection Details.
Issuer (URI) = Entity ID EntryPoint (URL) = Single Signon Service Certificate = Download Signing Certificate
On Azure AD, you’ll find this information on Set up Single Sign-On with SAML.
Issuer (URI) = Identifier (Identity ID) EntryPoint (URL) = Login URL Certificate = Certificate (Base64)
When setup is complete, you will see a new login screen. Clicking on 'Login' will take you to your identity provider's login page. If you are a new user and logging in for the first time, you will be given the rights of an ANALYST user.

If your organization uses an Identity Provider that we have not yet supported, please open a suggestion ticket on our Helpdesk and inform us which IdP you would like to have integrated with the JENTIS DCP.
Last updated
Was this helpful?