How to integrate single sign-on for Bonusly

Bonusly is a platform that provides an opportunity for employees to reward their peers, managers, and direct reports.

ADSelfService Plus supports single sign-on (SSO) for Bonusly. ADSelfService Plus provides SSO using the secure industry standard Security Assertion Markup Language 2.0 (SAML 2.0). With SSO enabled, ADSelfService Plus users will be able to access Bonusly without having to use separate credentials.

ADSelfService Plus also offers multi-factor authentication (MFA) for Bonusly. Leverage one or more of fifteen different authenticators available in ADSelfService Plus, including SMS or email-based verification codes, or third-party authentication providers like RADIUS server, RSA SecurID, Google Authenticator, and Duo Security. Using MFA, ADSelfService Plus provides better security and ensures that only authorized users have access to applications like Bonusly.

Benefits of enterprise SSO

ADSelfService Plus' Bonusly SSO capabilities

ADSelfService Plus supports both Identity Provider and Service Provider-initiated SSO for Bonusly.

Identity provider-initiated SSO for Bonusly: Users need to log in to the ADSelfService Plus self-service portal first, and then click the Bonusly icon on the Applications dashboard to access Bonusly.

Service provider-initiated SSO for Bonusly: Users can access their Bonusly domain through a URL or bookmark. They will automatically be redirected to the ADSelfService Plus portal for login. Once they've signed in, they'll be automatically redirected and logged in to the Bonusly portal.

Setting up single sign-on with Bonusly

1. Log in to ADSelfService Plus as an administrator.
2. Go to Application → Add Application, and select Bonusly from the applications displayed.
   Note: You can also find Bonusly from the search bar located in the left pane or the alphabet-wise navigation option in the right pane.
3. Click IdP details in the top-right corner of the screen.
4. In the pop-up that appears, copy the Entity ID and Login URL, and download the SSO certificate by clicking Download Certificate.

   

Bonusly (service provider) configuration steps

1. Log in to Bonusly with administrator credentials.
2. Navigate to Integrations.
3. Click SAML in the Simple and secure section.

   

   

4. Copy the App ID.
5. Uncheck the box next to Automatically configure from Metadata.
6. Paste the Entity ID and Login URL copied in step 4 in the IdP Issuer (Entity ID) and IdP SSO target URL fields.

   

7. Choose PasswordProtectedTransport in the Authn context field.
8. Open the downloaded certificate as a text file. Copy and paste it in the X.509 Certificate text field. You can also paste the Fingerprint value in the Cert Fingerprint field for authentication.
9. Click save.

ADSelfService Plus (identity provider) configuration steps

1. Now, switch to ADSelfService Plus’ Bonusly configuration page.
2. Enter the Application Name and Description.
3. In the Assign Policies field, select the policies for which SSO need to be enabled.
   Note: ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
4. Select Enable Single Sign-On.
5. Enter the Domain Name of your Bonusly account. For example, if you use johndoe@bonusly.com to log in to Bonusly, then bonusly.com is the domain name.
6. Enter the App ID copied in step 4 of Bonusly configuration in the App ID field.
7. Click Add Application.

Users will now be able to use their Windows username and password to access Bonusly.