Identity Provider

An identity provider (IdP) is a service that stores and verifies user identity. IdPs are typically cloud-hosted services, and they often work with single sign-on (SSO) providers to authenticate users. Single Sign-on (SSO) allows organizations to centrally administer access to the emSigner application via an Identity Provider like Okta, Azure, Active Directory Federation Services (ADFS), or OneLogin.

When the SSO is enabled in the emSigner application for an Organization, the Internal users must use their company email address and the validation/authentication is handled by the Identity Provider instead of the emSigner application.

When the Organization wants to integrate their Identity provider, first they have to configure the emSigner in their IdP account. Post that the Metadata URL has to be provided in the “Identity Provider” Settings page of the emSigner Super Admin Account.

Below are the steps to configure the Metadata URL in the emSigner application.

Steps to configure the Identity Provider in emSigner

Step 1: Login to emSigner Super Admin account. Click on ‘Settings’ tab to open the Admin Settings.

Step 2: Click on the “Identity Provider” tile to open the Identity Provider details page.

• Identity Provider Metadata URL: This is the URL that is generated in the Okta App Page.

• There is an option of Autofill that is provided beside the text box which will populate all the below details from the Metadata URL.

• Identity Provider Issuer: This will be present in the Metadata URL under the entityID.

• Identity Provider Login/Redirect URL: This is the Single Sign-on URL that is given in Step 7 of the next section.

• Identity Provider Logout URL: This is the Single Logout URL that is given in Step 7 of the next section.

Step 3: Once these details are filled in the application will validate and save the details when the Super Admin/Admin clicks on Save.

Step 4: If the Super Admin/Admin wishes to delete the already added details, they can do so by clicking on ‘Delete’. This option will be available only for the existing Identity Provider details which were already added.