Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The EmpowerID SSO framework allows you to integrate UltiPro with EmpowerID, making EmpowerID enables seamless integration with UltiPro, positioning EmpowerID as the identity provider for your organization's UltiPro account. In this way, users can This integration allows users to access their corporate UltiPro accounts directly from through EmpowerID, using their EmpowerID credentials, their corporate Active Directory (AD) logins, or those of credentials from another trusted ( third-party ) identity provider that has been integrated with EmpowerID.

Note

As a prerequisite to creating an SSO Connection for UltiPro as a service provider in EmpowerID, you must have an UltiPro account. Additionally, UltiPro uses ADFS2 to federate with third-party applications, therefore you must send UltiPro the certificate you are using in your EmpowerID configuration so they can configure ADFS2 appropriately.

Create an UltiPro SSO application and connection

  1. On the navbar, expand Apps and Authentication and click Applications.

  2. From the Actions pane, click the Create Application action.

Image Removed
  1. Image Added


    This opens the Application Details form, which contains various tabs and fields for creating the application.

Image Removed
  1. Image Added

Macrosuite divider macro
dividerWidth90
dividerTypetext
dividerWeight1
labelPositionmiddle
textAlignmentcenter
iconColor#000000
fontSizelarge
textGeneral
textColor#000000
dividerColor#000000
dividerIcon
  1. Name – Enter a name for the application

  2. Display Name – Enter a display name for the application

  3. Description – Enter a description for the application

  4. Instructions – Optional

  5. Full URL (Exact Match Path) – Leave empty

  6. Create a Tracking Only Account Store – Leave unselected (Although you have the option to create a tracking-only account store for UltiPro, the best practice is to connect EmpowerID to UltiPro so you can inventory and synchronize the user data in your UltiPro account with EmpowerID. This lets you create new UltiPro accounts in EmpowerID and have them appear in UltiPro and vice-versa.

  7. Select Existing Account Store (Directory) – Search for and select your UltiPro account store

  8. Select a Location – Click the link and then search for and select an EmpowerID location in which to create the application

  9. Publish in IT Shop – Select this option if you want eligible users to be able to request an account in the application from the IT Shop

  10. Allow Claim Account – Select this option to let users claim application

  11. Login is Email Address (Receive OTP to Claim) – Select this option if the login for the application is an email address. This setting is necessary for passing the appropriate identity assertion to the application when logging in to it from EmpowerID.

  12. Allow Request Account – Select this option to let users to request or claim an account in the application from the IT Shop

  13. Make Me the Owner – Select this option if you want to be the application owner

  14. Icon – Enter ~ Images/AppLogos/UltiPro.png to use the UltiPro image provided by EmpowerID. This image appears in the Personal Applications page of the EmpowerID Web application for users with access to UltiPro.

Macrosuite divider macro
dividerWidth90
dividerTypetext
dividerWeight1
labelPositionmiddle
textAlignmentcenter
iconColor#000000
fontSizelarge
textSingle Sign-On
textColor#000000
dividerColor#000000
dividerIcon

  1. Select SAML as the Single Sign-On Connection Type.

  2. Select Create a New SAML Connection.

Macrosuite divider macro
dividerWidth90
dividerTypetext
dividerWeight1
labelPositionmiddle
textAlignmentcenter
iconColor#000000
fontSizelarge
textSAML Connection Information
textColor#000000
dividerColor#000000
dividerIcon

  1. Display Name – Enter the name for the UltiPro SSO connection that you want to appear to users in the EmpowerID user interfaces. By default EmpowerID populates the value of this field with the name you gave to the application above.

  2. SAML Name Identifier Format – Value should be Unspecified

  3. Issuer – Value should be EmpowerID

  4. Initiating URL – Enter /WebIdPForms/Generic/AuthenticationRequest

  5. Tile Image URL – Leave the value as is

  6. Description – Enter a description for the SAML connection

Macrosuite divider macro
dividerWidth90
dividerTypetext
dividerWeight1
labelPositionmiddle
textAlignmentcenter
iconColor#000000
fontSizelarge
textAssertion Consumer URL
textColor#000000
dividerColor#000000
dividerIcon

  1. Click the Add (blue star) button and fill in the following:

    • Assertion Consumer URL – Enter https://efs.ultipro.com/adfs/ls/

    • Priority – Optionally, enter a number to indicate the priority for the URL when more than one ACS URL is specified (the lower the number the higher the priority)

    • SAML Submission Method – Select HTTPPost

  2. Click Save.

Macrosuite divider macro
dividerWidth90
dividerTypetext
dividerWeight1
labelPositionmiddle
textAlignmentcenter
iconColor#000000
fontSizelarge
textCertificates
textColor#000000
dividerColor#000000
dividerIcon

  1. Select Enable Assertion Signature.

  2. Signing Certificate – Search for and select the appropriate certificate to sign the SAML assertions sent to UltiPro.

Easy html macro
theme{"label":"solarized_dark","value":"solarized_dark"}
contentByMode{"html":"<!DOCTYPE html>\n<style>\n .myOL > li {\n font-size: 18px;\n line-height: 1.5rem;\n color: rgb(23, 43, 77);\n }\n</style>\n<ol class = \"myOL\" style=\"margin-left: -20px\" start=\"3\">\n <li>Click <b>Add To Cart</b>.</li>\n <li>Click the Cart icon.</li>\n <li>Optionally enter any comments and then click <b>Submit</b>.</li>\n</ol>","javascript":"","css":""}

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue