Kudos tries to make giving recognition and engaging employees as easy as possible, and our Single Sign On integration is a big part of making connecting simple. This document will discuss how to configure Kudos to work with an existing SAML-based SSO server, or any SAML-compliant service provider of your choice.
What You Need to Get Started:
- A properly configured Kudos Plus (or higher) account with Administrator privileges
- A SAML-based Identity Provider that can issue x.509 certificates
- Sign On URL (Identity Provider Endpoint)
- An engineer or administrator who is familiar with configuring an SSO server or service provider
Configuring Kudos to Use Your Existing Single Sign On:
Go to > Account > Integrations > SSO
- Enter your Sign On URL (Identity Provider Endpoint)
- Enter your x.509 certificate
- Choose a logout URL (ie. where your users go after log out). Use your Kudos URL if you are using the SharePoint Integration.
- Enter your Kudos URL (enter the subdomain only, see example below)
- Click Save.
To see an example of integrating with ADFS, please click here.
- Certificate x509 must be a ‘BEGIN CERTIFICATE’ and an 'END CERTIFICATE' with the base64 encoded blurb formatted into 64 character lines
- If you receive the error “HTTP Error 400: The size of the request headers is too long.” this site provides some troubleshooting: http://blogs.perficient.com/microsoft/2014/03/office-365-ad-fs-authentication-fails-due-to-token-size/
If you require a SSO provider, are experiencing difficulty, or feel that your SAML service provider or server is not supported, please post a comment below and one of our friendly team members will be happy to assist you.