Skip to content

Single Sign-On (SSO) FAQ

About expiration of identity provider services

Some identity providers have (expire_at) expiration time for the connection. For SAML2.0 refer to the expiration time of the x509 certificate; and in the case of OAuth2.0 it refers to the expiration of the client_secret.

If this is the case, you must include this field in the information provided.

About attribute mapping of user data

The implemented SSO requires minimum attributes that must be federated from your identity provider (IDP). These attributes are:

  • Name: user name
  • Last name: user last name
  • Email: user email
  • Unique identifier: unique identifier within the identity provider, if your IDP does not generate a unique value you can assign the email as a unique field.

About the assignment of camps and brands associated with your account with Griky

SSO allows the assignment of a brand and the selection of one or more camps for connection, to which its users will have access.

If in your business logic you want to assign users to different brands and different camps, you must request their identifiers within Griky, and they must be part of the federated attributes from your IDP.

For example:

User 1 User 2
Brand: 12345 Brand: 54321
Camps: 78945,65821,36125 Camps: 45126,41239,36125

Additionally, you can also send the following attributes:

  • Phone
  • City
  • Company
  • Department

About test data

You will need to provide a test account that is perfectly configured. With the minimum required attributes.

Sending the email address and password, so that the IT team can perform tests.

About filling out the SSO configuration form

To fill out the data associated with the configuration you must enter the following link:

Form

What happens after filling out the form?

Your KAM or CSM will be sent the callback url that you must configure in your identity provider. Once this value is configured, you must notify us back that you have already made the configuration.

Next, the IT team will carry out connection tests. And it will notify your KAM or CSM if everything went correctly or a technical space needs to be scheduled.

What to do if you do not have knowledge of the identity provider configuration?

You can request a technical meeting from your KAM or CSM and the Griky IT team.

Copyright © Griky 2023