Log on to TotalAgility Designer or Workspace
Once federated security is configured and enabled in the TotalAgility Designer, any subsequent logons to TotalAgility Designer or Workspace use federated authentication.
Each user on initial logon is automatically added to TotalAgility using the configuration settings of the authentication provider in TotalAgility Designer and the security token claim values for the user.
In TotalAgility Designer, you can also generate a Logon form to use the configured federated security.
Logon process when user claim mappings are automatically retrieved
In this use case, as the user claim mappings are configured to be automatically retrieved from the security token claims, the logon process is as follows:
- User launches Designer or Workspace in the browser via the standard TotalAgility URL.
- The browser is redirected to the logon page of the configured authentication provider. If multiple authentication providers are configured, the user can select the provider they wish to use.
- The user enters credentials for the authentication provider.
- The authentication provider validates the user credentials.
- If authentication is successful, the authentication provider passes the authenticated security token claims back to TotalAgility via a callback URL.
- The browser is redirected to the callback URL where TotalAgility processes the claim mappings, adds the user to TotalAgility (if the user does not already exist) as specified in the configured user claim mappings/ rules, and logs on the user to TotalAgility.
-
The home page of Designer or Workspace is displayed with the user successfully logged on.
Steps 3 and 4 are skipped if the user has previously logged on to the authentication provider and it supports "single sign-on." Usually, this is implemented by the authentication provider storing a session cookie in the browser once the user has successfully logged on.
Logon process when user claim mappings are manually provided
If any user claim mappings are configured to be manually entered by the end user (instead of automatically retrieving them from the security token claims), a page is displayed when the browser is redirected to the callback URL to allow the user to enter this data. When it is submitted the process is the same as described for automatic user claim mappings.
The details are entered manually only the first time the user logs on to TotalAgility.
Logon form
You can modify the generated form to automatically redirect to any other form after the user is successfully authenticated with the Federated Provider.
-
In
TotalAgility Designer, navigate to
.
-
On the
Generate list, select
Logon form.
The Generate logon form dialog box is displayed.
- On the Type list, select Federated security.
- Click Generate and release.