Platform News

Organizations can now integrate their existing user directories to our cloud service, allowing your users to login with their existing company credentials. This feature is available to all Standard and Enterprise Network subscribers and we welcome any organizations to upgrade for a free 30 day trial if they wish to test the functionality today.

For Users

If you already have a central login/password for your organization, you probably don’t want to remember a new username and password for all the different cloud services you use. With this feature enabled by your administrators, you will now be able to use a single login with your existing credientials seamlessly. In order to get started, here are some user best practices:

  1. Your administrators will give you a specific URL for your organization to bookmark when you want to login to Alfresco in the cloud.
  2. When you access that URL, you will automatically be redirected to your organization’s login page to login using your existing credentials.
  3. On successful login, you will automatically be redirected back to Alfresco and logged into the application
Even better, if you’re a first time user to Alfresco and your organization already has Alfresco with this feature enabled, you don’t need to sign up, you can simply login straight away and you will get a new account on Alfresco automatically. This feature really makes it easy for users to access Alfresco without requiring new usernames and passwords or having to sign-up when enabled for your Network.

For Administrators

For the more technical, this new feature uses the SAML Single Sign-On (SSO) 2.0 protocol to integrate your existing Active Directory/LDAP server with our cloud service. Using some simple configuration on your Account Settings page, any of your Network Members will be able to go to a unique URL for your Network, which will redirect them to your own login page where they can sign in. On a successful login, they will be automatically redirected back to Alfresco and logged into use the service.

This means a couple of things:

  • Your users only need to manage one password for your organization and no longer need to create a separate login to use the Alfresco in the cloud service.
  • Since you control the login process and policies, you have complete authority over how users are provisioned and managed using your existing security infrastructure.
  • You can onboard users easily by just letting them login to the cloud service, automatically creating a new account for them if its their first time accessing the service
SAML SSO Overview

You can find our full documentation on how to get setup using SAML SSO with Alfresco in the cloud here.

Supported Identity Providers (IDPs)

We have built this to conform with the SAML standard so this feature should work out of the box with any SAML SSO enabled IDPs. However; in practice many IDPs have their own quirks, which means we have to certify each provider to ensure they work and are fully supported by our service on every release. At this time our official support is limited to PingFederate, but we will be looking to expand this list to other IDPs such as Centrify over time based on customer demand.

Get started today and let me know if you have any feedback or questions by leaving a comment here!

About the author

David Gildeh

Director of Cloud Services at Alfresco. An ECM junkie with his head in the clouds...

Leave a comment

Previous Post:

© 2017 Alfresco Software, Inc. All Rights Reserved.