These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and PurelyHR
Log in to ADSelfService Plus as an administrator.
Navigate to Configuration → Self-service → Password Sync/Single Sign-on.
Search for PurelyHR and select it.
Click Download SSO Certificate link in the top-right corner of the screen.
In the SSO/SAML Details pop-up screen that appears, note down the values of Login URL . We will need these values in a later step.
PurelyHR (Service Provider) configuration steps
Now, log in to your PurelyHR administrator account.
Click SSO settings at the toppanel.
Click on Account Options | Single Sign On Settings
In right side, you will see option for Single Sign on Settings.
In Generic SAML Connector, you will find settings for IdP Provider Settings.
In the x509 Certificate field, paste the certificate (PEM) file content you had copied in Step 6 of Prerequisite.
In the IdP Issuer and IdP Endpoint URL fields, enter the Login URL value you had copied in Step 5 of Prerequisite.
In the Logout URL field, enter the Logout URL value you had copied in Step 5 of Prerequisite.
Click Save Changes.
ADSelfService Plus (Identity Provider) configuration steps
Now, switch to ADSelfService Plus’ PurelyHR configuration page.
In the Domain Name field, enter the domain name of your email address. For example, if you use firstname.lastname@example.org to log in to PurelyHR, then thinktodaytech.com is the domain name.
In the Company ID field, enter the company ID value of your PurelyHR account.
Enter a Description for the connection.
In the Available Policies field, select the policies for which you wish to enable single sign-on.
Your users should now be able to sign in to PurelyHR through ADSelfService Plus.
For PurelyHR, both IdP-initiated and SP-initiated flows are supported.