These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and ProWorkflow.
Login to ADSelfService Plus as an administrator.
Navigate to Configuration → Self-service → Password Synchronizer..
Locate and click on ProWorkflow in the list of applications provided.
Click on the Download SSO Certificate link in the top-right corner of the screen.
ProWorkflow (Service Provider) configuration steps
Login to ProWorkflow with an administrator’s credentials.
Navigate to Settings → Integrations → Integration Settings.
Choose Okta and click connect.
Paste the Login URL, copied in Step 5 of Prerequisite, in the SAML Provider Endpoint field.
Open the downloaded SSO certificate file in Step 5 of Prerequisite as a text file. Copy and paste the content it in the Certificate field.
Copy the Single sign on URL and Audience URI. We will need these values in later steps.
ADSelfService Plus (Identity Provider) configuration steps
Now, switch to ADSelfService Plus’ ProWorkflow configuration page.
In the Domain Name field, enter the domain name of your email address. For example, if you use firstname.lastname@example.org to log in to ProWorkflow, then ProWorkflow is the domain name.
Paste the Single sign on URL copied in Step 6 of ProWorkflow configuration in the ACS URL field.
Paste the Audience URI copied in Step 6 of ProWorkflow configuration in the Entiity ID field.
Enter your Proworkflow account Entity ID in Entity ID field.
Provide a Description in the respective field.
In the Available Policies field, click on the drop-down box and select the policies for which you wish to enable single sign-on.
Click Save and log out of ADSelfService Plus.
For ProWorkflow, single sign-on is supported for IDP initiated flow.