Risk Ledger offers Single Sign-On (SSO) functionality for all Enterprise clients.
SSO allows users to access Risk Ledger via their organisation's single configured authentication provider.
Supported Identity Providers
We support all major identity providers, such as;
Okta
Microsoft Azure AD
Microsoft Active Directory Federation Services (ADFS)
Onelogin
Auth0
Google SAML
Generic SAML Providers
Generic OpenID Providers
Each provider required specific information to configure a connection, and this may differ by provider. Therefore, our setup wizard will guide you through configuring your specific identity provider and the steps illustrated below should be adjusted as necessary.
Configuration Steps
Step 1
Navigate to Settings and select the Single Sign-On menu item.
Enter the domains you wish to use for Single Sign-On. If multiple, separate them by commas.
For example, if you wish to allow fred@abc.com and liz@xyz.net to login via Single Sign-On, then enter abc.com, xyc.net.
Continue to Step 2 by clicking Continue Setup when ready.
π‘ If you wish to modify your configured domains at a later point, please contact support.
Step 2
You will be redirected to our Single Sign-On Setup Wizard, powered by WorkOS, to continue configuration.
Select your identity provider form the list provided. Steps differ between providers, so be sure to select the correct one for your organisation.
Only select the Generic SAML provider if you cannot see your provider listed.
Step 3
The remaining setup flow can differ between providers, but for SAML-based providers the basic details remain the same;
Configure Risk Ledger as a service provider within your identity provider, using the given Entity ID and ACS URL as directed.
Upload your X.509 Certificate.
Enter your IdO Endpoint/Login URL, to redirect users for initiation of Single Sign-On.
Configure your SAML claims as directed for your chosen identity provider. We require claims to be configured for the following fields;
A unique identifier.
An email address.
A first name.
A last name.
π‘ If you require any assistance to configure or modify your Single Sign-On connection, please reach out to our support team.
Step 4
Test that your connection is functional, and correct any issues if not.
SSO Settings
Once you have configured your Single Sign-On provider, you will be redirected back to the Risk Ledger settings page. You can then customize further settings including the enforcement of SSO and user provisioning.
Manage
Clicking the Manage button will allow you to;
See full details of your configured connection.
Test your Single Sign-On connection.
View a history of events associated with your SSO connection, including all recent logins for debugging configuration issues.
Enforce SSO
Switching this on will mean your organisation users will only be able to sign in to Risk Ledger using your configured SSO connection.
Before enabling this, we strongly recommend notifying all your organisation users that they will need to sign in to Risk Ledger using Single Sign-On going forward.
Lead & Admin Users may still sign in using their password and email address.
User Provisioning
Switching this on will mean that new users will automatically be created accounts on Risk Ledger, when they sign in via SSO for the first time.
The default user role for all new users will be View, but this can be changed as required.
Logging in with Single Sign-On
In order to login with Single Sign-On, you can click Sign In with SSO button from the regular sign in form. Or, simply navigate to https://apps.riskledger.com/sso/login
Simply enter your email address, and hit Sign In with SSO.
If your email matches a configured SSO connection, you will be redirected to the identity provider to sign in.
Once authenticated, you will be redirected to Risk Ledger and signed into your user account.
π‘ If there is anything we haven't covered, please feel free to contact us at support@riskledger.com or alternatively, select the Chat icon in the bottom right corner.