Single Sign-On (SSO) Groups

The Single Sign-On Groups (SSO Groups) functionality is the integration of groups given by the Identity Provider through SSO Provider with an existing TMS Group. This functionality allows you to create, read, update, and delete these associations.

SSO Group is used in the login process when a user is trying to sign in using SSO credentials, the web service provides a unique identifier for this user along with an SSO Group Identifier that is linked internally to this user on the client-side.

TMS uses this Group Identifier to find a matching TMS group for this user. If TMS can’t find a TMS group, then it will by default configure the “TMS Users” group for this user.

Functions with SSO groups

You can perform the following functions with SSO groups:

Create and manage a new SSO group by identifier and name.
Create and manage TMS groups associated with an SSO group.
Match a new SSO user to a TMS group when the user first signs in to TMS.

You can use security settings to limit which users can perform these functions.

This topic covers the following:

Navigation

Go to Setup > Security > Single Sign-On Groups.

Add SSO group

To add an SSO group:

On the Single Sign On Groups page, click the New button.
On the Add Single Sign On group dialog, enter the information for the SSO group.
- ID SSO Group – identifier related to SSO group on the client-side.For example, 1001-9G.
- Group Name – unique name for the SSO group
Click Save.

The Edit Single Sign On Group dialog appears.
On the Group pane, click the Add button.

The Single Sign On Group Setup dialog appears.
From the TMS Group field, select the TMS group to link with the SSO group.
Click Save.

You can only link one TMS group to a SSO group at a time. To add a new group, delete the previously added group.

Single Sign-On (SSO) Groups

Functions with SSO groups

Navigation

Add SSO group

Edit or delete SSO group

Rate this topic: