1. CORE Help Center
  2. Getting Started
  3. CORE Settings
  4. Settings
  5. Access & Permissions
  6. Security

Federated Single Sign-On

Updated

Overview

Federated Single Sign-On (SSO) with Security Assertion Markup Language 2.0 (SAML 2.0) allows your company to integrate BQE CORE seamlessly with your existing identity management system. This means CORE users (employees and staff) can log in to CORE using their corporate credentials, eliminating the need for separate usernames and passwords. By implementing this integration, you can improve security, simplify access for employees, and ensure compliance with organizational policies.

As security becomes a higher priority for businesses, especially larger customers, more companies are adopting Federated SSO for its ease and centralized authentication. Through platforms like OneLogin and SAML2, BQE CORE users can smoothly transition to secure, centralized authentication, reducing the complexities of managing multiple access points and credentials.

Note: Setting up Federated SSO in your company is available on a request basis. To get started, please email or call BQE Support or submit a support ticket. Support tickets can be submitted in-app via the CORE Resource Center or from here. Our Support Team will schedule a call to guide you through the process and set it up for your company. Please make sure to enter the following information in your support request.

Product = CORE
Module = Security
Area = SSO Setup Request
IdP = your company's IdP

You can also check the Federated SSO-related FAQs.

Key Features and Benefits

  • Simplified User Access: Employees log in using their existing credentials, eliminating the need to remember multiple usernames and passwords.
  • Enhanced Security: Federated SSO increases security by centralizing user management and enforcing consistent authentication protocols.
  • Compliance: Ensures that your organization stays compliant with security policies by using a trusted identity provider for authentication.

How To

Set Single Sign-On

Add New Employees

Enable SSO in a Batch

Set Single Sign-On

To set up SSO for your BQE CORE account, follow these steps:

  1. Prepare Users: Have a list of CORE users ready who need SSO access. Ensure that their first and last names are properly filled out in your Identity Provider (IdP). While user accounts are linked via email, having accurate, full names helps with identification and user management in CORE.
  2. Check Country: Make sure the Country field is filled out and matches the company’s country. 
    • Employees: Check the employee profile by navigating to Contacts > Employees > General > Details and make sure the Country field is selected.
    • User Profile: Each logged-in user must click on their username on the top-right to access User Settings > User Information > and check the Country field.

  3. Admin Configuration: Verify that the administrator is configured as a Cloud App Administrator in your IdP.

  4. Screen Sharing: During the call, you will need to share your screen so we can guide you through configuring your Identity Provider (IdP) for SSO.

  5. Exchange Details: We will exchange necessary configuration details during the call, such as URLs and certificates.

  6. Testing Setup: After the setup is complete, you can test the login process. Each CORE user will receive an email to finalize their SSO setup. The invitation needs to be accepted to activate their login access. If you use the BQE CORE iOS or Android Mobile app, make sure to test SSO access on the app as well.

Note: The setup process typically takes about 30 minutes, though the time may vary based on your IdP provider.

Add New Employees

After Federated SSO is set up, adding new employees to BQE CORE is a simple process.

To add new employees, follow these steps:

  1. Open the Manage Users screen from the side menu > Settings > Access & Permissions.

    1.jpg

  2. Click Add User and select the relevant option from the drop-down menu, skip this step if the user is already created.
  3. In the list view, select the CORE user and click Detail on the grid.
  4. On the User Details screen, select One Login option from the Login Provider drop-down menu. Users will then receive an email prompting them to accept and activate their SSO account.

    2.jpg

Enable SSO in a Batch

  1. Open the Manage Users screen from the side menu > Settings > Access & Permissions.

    3.jpg
  2. In the list view, select the CORE users that need to be updated with Federated SSO.
  3. Select Update Login Provider from the Actions menu and set to One Login.

Related to:

Related articles