Steps to configure SAML SSO for Reftab

About Reftab

Reftab is an asset management software that helps organizations track, manage, and maintain their equipment, IT assets, and inventory from a centralized platform. It streamlines asset check-ins and check-outs, maintenance scheduling, and reporting to improve efficiency and reduce losses.

The following steps will help you enable SSO for Reftab from Identity360.

Prerequisites

1. The MFA and SSO license for Identity360 is required to enable SSO for enterprise applications.
2. Log in to Identity360 as an Admin, Super Admin, or Technician who has Application Integration and Single Sign-on permissions.
3. Navigate to Applications > Application Integration > Create New Application, and select Reftab from the applications displayed.
   Note: You can also find Reftab from the search bar located at the top.
4. Under the General Settings tab, enter the Application Name and Description.
5. Under the Choose Capabilities tab, select Single Sign-on and click Continue.
   General Settings of SSO configuration for Reftab.
6. Under Integration Settings, navigate to the Single Sign On tab, click IdP Details. Copy the Login URL, Entity ID, and Signing Certificate values, which will be used during the configuration of Reftab.
   Integration Settings of SSO configuration for Reftab.

Reftab (service provider) configuration steps

1. Log in to Reftab as an administrator.
2. Click Settings in the top-right corner.
   Portal view of Reftab.
3. You can configure metadata by either using metadata URL or entering metadata details manually.
   • • Go to SAML SSO Settings and click Use XML Metadata Link.
       Using XML metadata link in Reftab.
     • Paste the Metadata URL value as instructed in these steps, and click Next.
       Using XML metadata link in Reftab.
   • • Choose Provide Settings Manually.
       Entering metadata details manually in Reftab.
     • Under Domain, enter the domain name for which you want to enable SSO.
     • Under IDP Entity ID, paste the Entity ID copied in step 6 of the prerequisites.
     • Under URI Endpoint, paste the Login URL copied in step 6 of the prerequisites.
     • Under Bind Method, choose HTTP-Redirect from the drop-down menu.
     • Under the Allow Password Login field, choose whether users can sign in with their password in addition to SSO or require SSO login only.
     • Under Email Attribute, choose Email from the drop-down menu.
     • Under Certificate, paste the Signing Certificate copied in step 6 of the prerequisites.
     • You can skip the Encryption Certificate field.
     • Click Save SAML Settings.
       SAML configuration in Reftab.
4. After saving the SAML settings, complete the domain verification using the steps mentioned here. Once verified, click Verify Domain.
   Domain verification in Reftab.
5. If domain verification is successful, the status will change to Verified.
   Domain verification status in Reftab.

Identity360 (identity provider) configuration steps

1. Switch to Identity360's application configuration page.
2. Enter the Relay State parameter, if necessary.
   
   Note: Relay State is an optional parameter used with a SAML message to remember where you were or to direct you to a specific page after logging in.
3. Click Save.
   Integration Settings of SSO configuration for Reftab.
4. To learn how to assign users or groups to one or more applications, refer to this page.

Your users will now be able to sign in to Reftab through the Identity360 portal.