If you have a lot of employees that will be accessing Expiration Reminder, it can be an administrative pain to manage this accounts when users enter or leave the company. To help you managing this overhead we have Single Sign-On.
An account with SSO enabled will allow your users to login with one set of credentials.
Setting up SSO requires some technical knowledge so we suggest speaking to your internal IT team for their assistance in providing the necessary information for the SAML configuration.
To configure SSO in your Expiration Reminder account, on the top menu click on Your Name and then on Settings.
Then click on "Single Sign-On" on the left menu, under the "Security" heading.
In the SSO screen configure the following fields:
Issuer: this is usually the metadata url provided by your directory provider. If possible, Expiration Reminder will try to get the sign on url, the sign out url and the certificate automatically from this metadata url.
Single Sign On (SSO) url: this is the url users will be redirected to for login in.
Single Log Out (SLO) url: this is the url provided by your Identity Provider for signing out.
X.509 certificate: this is the certificate provided by your Identity Provider to authenticate the login request.
Enable for Users: This will allow users in Expiration Reminder to be able to use SSO to login to the application. They’ll still be able to use their own Expiration Reminder password if they’d like to.
Enforce SSO login: This option will prevent users from using their Expiration Reminder password to login and will force them to use the credentials from the Identity Provider.
Click Update to save your settings.
Below is a list of platforms which your organization may have their SSO set-up with.
Click on the corresponding article to learn more detail about setting up your SSO.
For setting up the SSO on the other platform using Expiration Reminder's information:
The ACS URL is: https://app.expirationreminder.net/sso/metadata
The Entity ID is: https://www.expirationreminder.net/