Single Sign-On with Creative Force
Creative Force is able to integrate with any SSO so long as it is SAML 2.0 compatible.
At present, we have documentation on the following IdP's:
Okta
Note:
If you use a different IdP, please reach out to support@creativeforce.io for assistance.
Login directly from user's IDP is supported with Okta, Microsoft Azure, OneLogin and Duo. Click here to learn more about this.
For security reasons, the SSO settings are only available to users with the "Account Owner" role or Admin users if granted access via the Account Owner.
Below are the steps to set up your SSO configuration. You will need to have two-factor authentication enabled to proceed with the below.
Configure your identity provider (IdP)
Step 1. Preparation
You will need the below information from Creative Force in order to complete the set-up on your IdP. All of this can be found within your Creative Force instance. Please contact our Customer Support team in case you do not have access, via in-app chat or support@creativeforce.io
SP Entity ID
SP Assertion Consumer Service Url
SCIM 2.0 URL
Note: We only support SCIM version 2.0, we don't support other versions
Go to Studio Settings -> SSO Settings -> Add IDP. From here, select the Identity Provider you want to add.
Step 2. Setup an IdP integration app
Once you have the information from step one, you can then set up an IDP integration app for Creative Force with your IDP. Here are our knowledge base articles:
If you select Other IdPs (SAML Compatible) you may need to note some main points:
Declare and input three Creative Force fields: SP Entity ID & SP Assertion Consumer Service Url & RelayState. You will need to fill in the RelayState information if you want to login to CF directly from your IdP.
Mapping metadatabase on SAML
Completing the setup by clicking on ‘Save’.
Set up SAML SSO for Creative Force
Step 1. Preparation
Copy either (See Step 2. Setup an IdP integration app):
Identity Provider metadata URL
OR whole content of Identity Provider metadata
Step 2: Setup SSO on Gamma
IDP Configuration
To do this step you must have access to SSO settings and have 2FA enabled
Navigate to STUDIO SETTINGS > SSO SETTINGS.
You can have multiple IdPs with CF. Click 'Add IDP' to create a new connection. The IDP connection can be enabled and disabled. If disabled, users will not be able to log in to CF using the IDP.
Note: Domain name is pre-filled based on the current user's email address. This can be changed to your preference. The domain requires at least one character and only accepts English alphabet characters, numbers and 3 special characters + . -
Select the Identity provider from the drop-down
Fill in the Identity Provider metadata URL. The Metadata document URL should be accessible via the browser and it is displayed as an XML document.
OR all of the content from the Identity Provider metadata
Once you save the IdP configurations, you will see the SCIM Bearer token generated.
New user configuration
Configure your "New User Default Configuration" (Role, Skills and Type). These settings will be applied to all new SSO users.
Input 2FA code and click Save. Now the SSO is ready.
Completing the setup by clicking on ‘Save’.