Toutes les collections
Vendredi pour les entreprises
Les aspects techniques du lancement
Configure SSO for my company
Configure SSO for my company

All the technical details for your IT department to configure the SSO of your company account

Oksana Aubry avatar
Écrit par Oksana Aubry
Mis à jour il y a plus d’une semaine

🇫🇷 Voir la version française

The Single Sign-On (or SSO) configuration allows your employees to connect to the Vendredi platform directly with their professional account.

Your employees will not have to create a new password and will save some precious time.

The platform makes it very easy for you to configure Single Sign-On on your own.

⏲️ It takes 15-20 minutes of work from you IT department. So it is very simple.

🖥 Warning, the rest of the article gets technical!

Which SSO technologies are compatible?

The Vendredi platform uses the SAML v2 protocol in POST mode.

It's therefore compatible with the majority of SSOs, in particular with Microsoft (Azure AD, ADFS, ...) and Google (Google Apps) solutions.

The configuration procedure

1- Configure Vendredi as Service Provider

First, you need to configure Vendredi as a Service Provider on your internal SAML solution.

Here are the instructions for Azure AD and Google G Suite. If you use another provider, please consult their documentation.

In this step, you will need the metadata that are available directly in the Vendredi platform:

Go to Settings > Advanced settings > Single Sign-On > Show Metadata

The data you need to send are :

Data

Key

Required or optional

First name

first_name

Required

Last name

last_name

Required

Email

email

Required

if no Unique identifier

Unique identifier

employee_sso_id

Required

if no Email

Phone number

phone

Optional

Email of collaborator manager

manager_email

Optional

Attached entity*

entity

Optional

* If you don't know which "Entity" data to send, you can consult the list of entities configured on the Vendredi platform: Settings > Users > Manage entities

You must send either an email (the user's email address) or an employee_sso_id (a unique identifier of the user). Most of the time the use of email is recommended, but if your company does not provide a professional email address to all users, you can prefer a connection by unique identifier. When logging in for the first time with SSO, the user identified by a unique identifier without a professional email address must enter a personal email address to complete their registration.

2- Configure your SAML on the Vendredi platform

Once Vendredi has been configured as your Service Provider, all you have to do is fill in the technical configuration in Settings > Advanced settings > Single Sign-On!

💡 Our recommendation : fill in the technical data first without activating the connection via Single Sign-On. This allows you to make sure everything is working before you activate it for all your employees.

3- Test the correct functioning of the SSO connection

Once the configuration is done, you can click on "save and test" at the bottom of the page.

This allows you to verify the data received by the Vendredi platform.

Here is an example of a connection test result :

👉 👉 Last step: once the test is successful, don't forget to activate the connection for all your employees on the configuration page and save!

Settings > Advanced settings > Single Sign-On > Activate Single Sign-On login

Avez-vous trouvé la réponse à votre question ?