These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and PlanMyLeave.
Log in to ADSelfService Plus as an administrator.
Navigate to Configuration → Self-service → Password Sync/Single Sign-on.
Locate and click on PlanMyLeave in the list of applications provided.
Click Download SSO Certificate link in the top-right corner of the screen.
PlanMyLeave (Service Provider) configuration steps
Login to PlanMyLeave portal with an administrator’s credentials.
Navigate to System Setup → Security Management → Company SAML Settings.
Click on the Edit icon in the topright corner of the screen.
In the Login URL field, enter the Login URL copied in Step 5 of Prerequisite.
Open the SSO certificate downloaded (rsacert.pem ) downloaded in Step 5 of Prerequisite and paste its content in the Certificate field.
In the Is Enable field, select Yes.
Click Save to complete the configuration
ADSelfService Plus (Identity Provider) configuration steps
Now, switch to ADSelfService Plus’ PlanMyLeave configuration page.
In the Domain Name field, enter the domain name of your email address. For example, if you use email@example.com to log in to PlanMyLeave, then thinktodaytech.com is the domain name.
In the SP Identifier field, enter the sp identifier of your PlanMyLeave account.
Example: If your PlanMyLeave domain URL is https://test.planmyleave.com, your sp identifier is test.
Enter a Description for the connection
In the Available Policies field, select the policies for which you wish to enable single sign-on.
Click Save and log out of ADSelfService Plus.Your users should now be able to sign in to PlanMyLeave through ADSelfService Plus.
For PlanMyLeave, only SP initiated flow is supported.