These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and AHA!.
Login to ADSelfService Plus as an administrator.
Navigate to Configuration → Self-service → Password Sync/Single Sign-on.
Locate and click on AHA! in the list of applications provided.
Click on the Download SSO Certificate link in the top-right corner of the screen.
AHA (Service Provider) configuration steps
Login to AHA! with an administrator’s credentials.
Navigate to Settings Icon → Account → Security and single sign-on.
Choose SAML 2.0. as the Identity provider.
Name your configuration.
You can choose between Metadata URL (or) Metadata file (or) Manual settings.
Paste the copied URL, from Step 5 of Prerequisite, in the respective URL fields.
Select certificate fingerprint as SHA1.
Click Enable to save the configuration.
ADSelfService Plus (Identity Provider) configuration steps
Now, switch to ADSelfService Plus’ AHA! configuration page
In the Domain Name field, enter the domain name of your email address. For example, if you use email@example.com to log in to AHA!, then aha.io is the domain name.
Enter the SP Identifier of your AHA portal in the SP Identifier field. For Eg, https://<sp_identifier>.aha.io
Provide a Description in the respective field.
In the Available Policies field, click on the drop-down box and select the policies for which you wish to enable single sign-on.
Click Save and log out of ADSelfService Plus.
For AHA!, both IdP-initiated and SP-initiated flows are supported.