Configuring SAML SSO for ProWorkflow

These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and ProWorkflow.

Prerequisite

Login to ADSelfService Plus as an administrator.
Navigate to Configuration → Self-service → Password Synchronizer..
Locate and click on ProWorkflow in the list of applications provided.
Click on the Download SSO Certificate link in the top-right corner of the screen.
In the pop-up that appears, copy the Login URL and download the SSO certificate by clicking on the Download SSO Certificate.

ProWorkflow (Service Provider) configuration steps

Login to ProWorkflow with an administrator’s credentials.
(https://trial.proworkflow.net)
Navigate to Settings → Integrations → Integration Settings.
Choose Okta and click connect.
Paste the Login URL, copied in Step 5 of Prerequisite, in the SAML Provider Endpoint field.
Open the downloaded SSO certificate file in Step 5 of Prerequisite as a text file. Copy and paste the content it in the Certificate field.
Copy the Single sign on URL and Audience URI. We will need these values in later steps.
Click Submit.

ADSelfService Plus (Identity Provider) configuration steps

Now, switch to ADSelfService Plus’ ProWorkflow configuration page.
In the Domain Name field, enter the domain name of your email address. For example, if you use johndoe@proworkflow.com to log in to ProWorkflow, then ProWorkflow is the domain name.
Paste the Single sign on URL copied in Step 6 of ProWorkflow configuration in the ACS URL field.
Paste the Audience URI copied in Step 6 of ProWorkflow configuration in the Entiity ID field.
Enter your Proworkflow account Entity ID in Entity ID field.
Provide a Description in the respective field.
In the Available Policies field, click on the drop-down box and select the policies for which you wish to enable single sign-on.
Click Save and log out of ADSelfService Plus.

For ProWorkflow, single sign-on is supported for IDP initiated flow.