Appearance
Single Sign-on (SSO)
The Upswell Experience Manage provides Single Sign On (SSO) using OAuth based flows from an organizations primary directory.
This document steps through obtaining the approriate credentials for supported SSO providers and activating SSO within the Experience Manager.
INFO
SAML based SSO flows are not currently supported.
Supported Directories
The Experience Manager supports the following directories:
- Google Workspaces
- Microsoft Azure AD
Google and Microsoft cover the bulk of organizations SSO needs. If an additional directory is required, it may be added, contact Upswell for more information.
Directory Configuration
Google Workspaces
Provision OAuth Client ID and Secret
To configure a Google OAuth Integration:
- Open the Google Cloud Console with an account in your organization: https://console.cloud.google.com/
- Navigate to APIs and Services and select Credentials
- Select + Create Credentials and select OAuth 2 client ID
- Select and/or enter the following
- Application Type: Web application
- Name: Upswell Experience Manage
- Authorized Redirect URI’s
- Development URL:
http://localhost:8000/google/login/callback/ - Production URL:
https://<production domain>/google/login/callback/
- Development URL:
- Select Create
- From the pop-up, note the Client ID and the Client Secret (this is the last time you will see the Client Secret)
Enable SSO for Google Workspaces
SSO for Google Workspaces can be enabled by setting the following environment variables:
| Variable | Value |
|---|---|
USE_AUTH_GOOGLE | Enables SSO for Google Workspaces |
GOOGLE_OAUTH_CLIENT_ID | The Client ID generated above |
GOOGLE_OAUTH_CLIENT_SECRET | The Client Secret generated above |
Additional Resources
Microsoft
WARNING
Login with Microsoft is stubbed, but missing configuration to be fully function and will not work at this time. If you need this feature, contact Upswell to request priority on ticket UC-267.
Provision OAuth Client ID and Secret
App Registrations are managed through Azure at https://portal.azure.com.
- Open the Azure Portal with an account in your organization: https://portal.azure.com
- Locate App registrations under Enterprise applications / App registrations
Enable SSO for Google Workspaces
SSO for Google Workspaces can be enabled by setting the following environment variables:
| Variable | Value |
|---|---|
USE_AUTH_MICROSOFT | Enables SSO for Microsoft Azure Active Directory |