Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
The EmpowerID SSO framework allows you to configure Yammer as an identity provider (IdP) for
theEmpowerID
Web application. EmpowerID integrates with Yammer using
the OAuth protocol to allow your users to log in to EmpowerID using their Yammer account.This topic describes how to configure an IDP connection for Yammer and is divided into the following activities:
For specific directions on registering EmpowerID as an application in Yammer, see the information provided by Yammer at https://www.yammer.com.
When registering EmpowerID in Yammer, use the following URL as the Callback or Return URL, replacing "OAuth 2.0.
Note |
---|
Prerequisites: Before configuring Yammer as an OAuth Identity Provider in EmpowerID, you need to meet the following conditions:
|
Info |
---|
Once you have completed setting up an SSO connection for Yammer, you can create a link Once the IDP Connection has been set up for Yammer, you can create a link similar to the one below to allow users to login to EmpowerID using Yammer.
|
language | xml |
---|---|
theme | DJango |
Be sure to replace |
icon | false |
---|
language | xml |
---|---|
theme | DJango |
with the FQDN of your EmpowerID server. |
Steps
To configure Yammer as an Identity Provider for EmpowerID, you need to do the following:
Create an application for EmpowerID in Yammer
Configure the default Yammer OAuth Provider app
Add a Login button to the Login page for Yammer
Test the OAuth provider app
Registration an application for EmpowerID in Yammer
To allow users to authenticate to EmpowerID using their Yammer credentials, you must register EmpowerID as an OAuth application in the Yammer developer console. See Yammer’s article at https://developer.yammer.com/docs for directions on how to do this. During the app registration process, Yammer will generate a Client ID and Client Secret for the application. You will use these when you create an OAuth Provider App for Yammer in EmpowerID.
When registering an application for EmpowerID in Yammer, set the following:
Setting | Description |
---|---|
Application Name | Name of the application you are creating. This can be any value. |
Organization | The name of your organization |
Support e-mail | An email address users of your app can contact for application support |
Website | Your organization’s website |
Redirect URI | The URL to redirect the user’s browser to after the user has linked the application to their Yammer account.
|
To add the Client ID and Client Secret to the Yammer OAuth Connection
|
Configure the default Yammer OAuth Provider app
On the navbar, expand Single Sign-On > SSO Connections and
click OAuth / OpenID Connect.
Select the
External OAuth Services tab and then search for Yammer.
Click the
Provider link for Yammer.
- Image Added
Click the Edit button for the
default
Image Removed
In the OAuth Connection pane that appears, type the Client ID Yammer generated for your application in the Consumer Key field and the Client Secret in the Consumer Secret field.
Image Removed
To add MFA points to the Yammer application
- From the External OAuth Providers page for Yammer, click the Provider Edit link at the top of the page.
- In the MFA Point Value field, type the number of MFA points you want to give to users logging in with Yammer.
- Click Save.
title | To create an IdP Domain |
---|
Type the fully qualified domain name in the Domain Name field and then click Save.
To add a Login Tile for Yammer
From the Navigation Sidebar, expand Admin > Applications and Directories > SSO Connections and click SSO ComponentsYammer OAuth provider app.
Image AddedUnder General Settings, fill in the following information and then click Save.
Field | Description |
---|---|
Consumer Key | Consumer Key generated by Yammer for the app |
Consumer Secret | Consumer Secret generated by Yammer for the app |
Is Identity Provider | Select this option to flag the OAuth provider as an Identity Provider app. |
Select existing Account Directory | Select Yammer to place authenticated users in the selected account store. |
Callback Url | This is the URI that Yammer redirects users after they have authenticated with Yammer. The URL should look like the following: |
Add a Login Button for Yammer
On the navbar, expand Single Sign-On > SSO Connections and click SSO Connections.
Select the IdP Domains tab and then click the IdP Domains link for the IdP
Domain where you want
the Login tile to appear.
- Image Added
Select the External OAuth Providers tab and
then select the
Yammer provider.
- Image Added
Click Save.
Note |
---|
To give users the ability to log in using their EmpowerID credentials, be sure to |
select EmpowerID from the SAML Identity Providers |
tab of the IdP Domain Details page. |
Image Removed
To test the Yammer IdP connection
Image Removed
Test the OAuth Provider App
Log out of the EmpowerID Web interface and navigate your browser to the domain name you configured for the Yammer IdP connection.
Click the Login
Using Yammer
tile.
This redirects your browser to the Yammer Login for the EmpowerID web application you created in Yammer. Enter your Yammer credentials and click Log In.
Image Removed
Yammer directs you to the Access Request page for the EmpowerID application you created in Yammer. Click Allow to allow
Log in to Yammer as you normally would.
Click Allow to authorize EmpowerID to retrieve the necessary information
to link the Yammer account to your EmpowerID identity (Person
Image Removed
Info |
---|
This permissions page only appears the first time you log in to EmpowerID with your Yammer account. Subsequent logins simply redirect your browser from the Yammer login page to the EmpowerID web application. |
Image Removed
Info |
---|
Users without EmpowerID Persons can request EmpowerID accounts by clicking No. This initiates the Create User Account workflow, which displays a form in the browser to allow the user to fill in the appropriate information. If a user submits the request, EmpowerID routes that request to those individuals in your environment with the ability to approve or deny the request and returns the user to the EmpowerID Web login. |
Image Removed
Image Removed
Tip |
---|
If you have set up the user's Password Manager policy to require the user accumulate a specific number of trust points beyond those granted by the identity provider, EmpowerID will direct the user through any Multi-factor methods you have enabled on the policy until they reach the needed point threshold to log in. |
style | margin-top: 25px; |
---|---|
class | relatedContent |
title | Related Content |
---|
object).
You should be authenticated to EmpowerID.
Div | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||
IN THIS ARTICLE
| class
| topicTOC
|
Excerpt- |
---|
Live Search | ||||||
---|---|---|---|---|---|---|
|
Div | ||
---|---|---|
| ||
On this page |
Include Page | ||||||
---|---|---|---|---|---|---|
|