Learn to set up single sign-on for your Dotdigital account using an Identity Service Provider (IdP).
Overview
Single sign-on (SSO) is a method for authenticating users. With SSO, a user can use a single set of credentials to log into several different applications – such as Dotdigital.
SSO is beneficial for users who want to make it easy for their users to log in, to reduce their overheads for password management, and to control password access centrally within their organization.
You can use SSO with any identity provider that supports the OpenID Connect standard. However, in this article, we show you how to get started with SSO using Azure Active Directory, Okta, Google (GSuite), OneLogin, and Ping SSO.
To learn more about the OpenID Connect Standard, check out the OpenID website.
Before you start
Things you need to know:
- You must have an account with an Identity Service Provider (IdP) that supports the OpenID Connect standard.
To find out if we can integrate with your Identity Service Provider (IdP), fill out our Single Sign-on Qualification form.
- You must be an account owner.
Set up Single Sign-On (SSO) for your account
Getting started with single sign-on (SSO) is a four-step process:
- Order the single sign-on feature for your account
- Set up your IdP for Dotdigital SSO
- Complete the SSO configuration form
- Add your IdP users to Dotdigital
Step 1: Order the SSO feature for your account
To order the single sign-on (SSO) feature for your Dotdigital account, contact your Account manager or Customer success manager.
Step 2: Set up your IdP for Dotdigital SSO
Before setting up SSO on your account, you must set up and get some information from your Identity Services Provider (IdP).
Every provider differs in the process, but to help, we have guides on how to do this for Azure Active Directory, Okta, and Google workspace. If you’re using an on-premise Active Directory, first use the Active Directory Federation Services to synchronise your on-premise Active Directory to Azure Active Directory.
Here's what you'll do in your IdP:
- Add a new instance for Dotdigital.
- Add a redirect URLs for
https://login.dotdigital.com/Sso/Authenticate. - Get your Client ID, Client Secret, and Metadata endpoint.
Instructions for your IdP
- Azure Active Directory: Set up and find SSO configuration information
- Okta: Set up and find SSO configuration information
- Google Workspace: Set up and find SSO configuration information
- OneLogin: Set up and find SSO configuration information
- Ping SSO: Set up and find SSO configuration information
Step 3: Complete the SSO configuration form
After you order SSO with us, we send you a secure form in a support ticket to collect the information you gathered from your IdP in Step 2: Set up your IdP for Dotdigital SSO.
To fill the secure form:
- Go to the secure form.
- Under Your details, enter your First name, Last name, and Company name.
- Under Your secrets, enter your Client secret, Client ID or Application (client) ID, and metadata endpoint in the Notes box.
- Select Submit secrets.
We'll then configure SSO on your account.
Once we receive your details, we'll get to work configuring SSO on your account. This process is not instant. After we have everything set up, we'll send you a confirmation to let you know you can start using SSO on your Dotdigital account.
Step 4: Add IdP users to Dotdigital
The final step is to make sure all your users have an account in Dotdigital.
To add users for SSO, you must create a Dotdigital user account for all users you want to access Dotdigital – if they don't already have one. All users’ email addresses in Dotdigital must match the users’ email addresses in your identity service provider.
To learn how to create new users in Dotdigital, check out the article Add a user.