These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and Kissflow
Log in to ADSelfService Plus as an administrator.
Navigate to Configuration → Self-service → Password Sync/Single Sign-on.
Search for Kissflow and select it.
Click Download SSO Certificate link in the top-right corner of the screen.
NOTE : You could also download the SSO certificate and use its content instead of FingerPrint.
KissFLOW (Service Provider) configuration steps
Now, log in to your KissFLOW administrator account.
Click Admin from the topright corner.
Click CHANGE in Preferences section.
In Enable SAML based Single sign-on, toggle the pointer to Yes.
Paste the Login URL you had copied in Step 5 of Prerequisite in Identify Provider URL.
Paste the Logout URL you had copied in Step 5 of Prerequisite in Logout URL.
Paste the SHA1 Fingerprint value you had copied in Step 5 of Prerequisite in Security Key.
Click Save Configuration.
ADSelfService Plus (Identity Provider) configuration steps
Now, switch to ADSelfService Plus’ Kissflow configuration page.
In the Domain Name field, enter the domain name of your email address. For example, if you use firstname.lastname@example.org to log in to KissFLOW, then thinktodaytech.com is the domain name.
Enter a Description for the connection.
In the Available Policies field, select the policies for which you wish to enable single sign-on.
Your users should now be able to sign in to Kissflow through ADSelfService Plus.
For Kissflow, only SP-initiated flow is supported.