One you configure your deployment to enable the Deployed Portal, the next thing you may wish to accomplish is to use your Single-Sign-On to authenticate into the Deployed developer interface. Our portal interfaces currently support SAML authentication into our deployed portal interfaces for both the Developer portal seen @ https://portal.form.io as well as our Form Manager portal application.
We will cover setting up Single Sign On for the Deployed portal first.
To get started, you will first need to become familiar with how the SAML integration works with Form.io. You can read this documentation within the SAML Single Sign On section. Once you are familiar with this, you will want to setup SAML integration within the Portal Base project which is created when you deploy a new portal with the PRIMARY=true environment variable. You will see this project when you log into the deployed portal when you authenticate using the ADMIN_EMAIL and ADMIN_PASS that you used when creating the deployed portal. This will looke like the following.
When you click on this project, you will then want to configure the SAML configuration with the settings that you setup by walking through the SAML documentation above.
Now that you have setup your main portal project with the SAML configuration, you will now need to provide a single Environment variable to your deployment to enable the SSO portal. This environment is as follows.
For now, the only supported type is “saml” which should be the value of this environment variable. Once you have set this variable, then logout, you will then notice that the portal authenticates with the SAML SSO authentication.
The next item that can be configured for SSO is the Form Manager application.
In addition to allowing users to create their own projects, you can also use the Portal SSO in conjunction with our Team support within the Developer Portal. This system creates a One-to-One connection between Roles within your SAML configuration, that will then map to Teams within the Form.io developer portal.
To start, you will first need to create Teams within your developer portal that will be related to Roles within your SAML configuration.
Make sure you check the checkbox called SSO Team which will tell the API platform that you wish to map this team with an SSO Role.
You do not need to worry about assigning anyone to that Team since that will be handled automatically through the SSO process when they authenticate by associating SAML roles to that Team.
Next, you will need to assign that Team to your projects you wish to allow SSO people to have access to within the Form.io developer portal interface. You can do this by clicking on the Project, and then clicking on the team, then select the role you wish that team to have wthin that Project.
Once you have done this, anyone with a SAML Role name that matches the name of the Team will be automatically assigned to that team and be granted access to a project.
To enable the Form Manager with SAML SSO authentication, you will need to first navigate to your project, and just like you did for the Portal Base project above, configure this project with some SAML configuration. Important: Make sure that you configure a separate SSO application within your SAML provider to use the correct project urls instead of using the same SAML configuration provided in the previous step.
After you do that, you will now need to provide the SSO configuration within your projects Public Configuration section.
For a description of all Configurations available go to the Form Manager Settings documentation.