In the login link of the company module of your Admin Panel, you can configure the way in which users will enter the platform.

There you can select if users must enter a password or they can enter directly through another website.

Login with password

By selecting GOintegro, users of the platform enter it using an eight-character password.

Single sign-on (SSO)

By selecting the Single Sign-On option, all users logged on to your intranet will be able to access the platform without having to enter a new password. That is, authenticated in the Identity Provider (IdP) of your company.

When configuring single sign-on, it is possible to delegate user authentication to any available Identity Provider system, compatible with SAML 2.0, such as Active Directory.

On the other hand, the IdP administrators can determine who can access GOintegro and optionally create new users directly from the integration.

Here's how to make the configuration. Share this information with your technical area beforehand and verify the requested data.

Technical configurationWhen you click on single sign on, you must complete the data below.

  • Login and logout page of your Identity Provider

Here you must enter the URL of the Login Service of your IdP. Optionally you can also add the Closing Session URL.

  • SAML attribute for email

In this field the name of the user identification attribute (email) must be completed, as it will be sent in the SAML assertions.

  • IdP Certificate

Then, attach the digital certificate used by the IdP to sign the SAML assertions.

  • SAML attribute for first and last name

Optionally, if you want to create a user automatically from your first login to the platform, you must check the following check and complete the SAML attributes that will contain the First and Last Name.

Once you have completed all the fields, the Save button will be enabled.

Once saved, the single sign-on (SSO) option is activated and the session of all connected users is closed, including the administrator user. Only the administrator users will keep their username and password to access the Admin Panel.

Mobile Apps access

For access to GOintegro mobile applications, it is necessary that users have previously accessed the web platform at least once. Then, from the same mobile application, they can log in with their user's email address, where they'll receive a one-time access code.

In those cases where users are previously created in Admin Panel, including their email addresses, it is possible to avoid the first login using the web platform. They can access the mobile app right away following the same process, using the email address linked to their users, where they'll receive the one-time access code.

Additional technical details

To complete the configuration of your IdP, keep in mind the following:

  • The Single Sign-On Endpoint of your platform will be as follows. Replace {subdomain} with the subdomain of your platform:

https://auth.gointegro.com/sso/module.php/saml/sp/saml2-acs.php/{subdomain}

  • The Login URL that you configured in Admin Panel must match the Issuer of your IdP in the SAML assertions.

  • El parámetro Audience de las aserciones SAML debe coincidir con el subdominio de tu plataforma.

#Important: If for some reason you activated the Start of Single Session on your platform and you need to access the Admin Panel to make a change, you can do it with your Administrator username and password, through a URL like the following:
https://{subdomain}.gointegro.com/adminpanel/

Disable the Single Sign-On

To deactivate the SSO, you must re-select the GOintegro option in the Login link of your Admin Panel.

Doing so will close the session of currently connected users. Those users who have never established a password, must establish it to receive instructions to log in through their email.

For more technical details about the start of a single session, go to the following link.

Did this answer your question?