Customer actions for SSO implementation

To implement SSO in your system, you’ll need to perform a few steps. Some must be done by all customers, while others depend on the protocol used.

Information required from all customers

Regardless of your protocol, we’ll need you to send us the following:

  1. List of email domains for which you wish to activate SSO.

  2. Email addresses of users chosen to perform tests.

Steps required depending on protocol

SAMLv2

If you use the SAMLv2 protocol, you must perform the following steps:

  1. To communicate with our platform, you must start by integrating our sandbox and production environment metadata in your system. You can retrieve these metadata at the following URLs:

  • Sandbox environment:

https://dld-sandbox.datalegaldrive.com/FederationMetadata/2007-06/FederationMetadata.xml

  • Production environment:

https://dld.datalegaldrive.com/FederationMetadata/2007-06/FederationMetadata.xml

  2. Verify metadata integration in the sandbox environment (https://dld-sandbox.datalegaldrive.com) and make any necessary changes.

  3. Once the integration has been validated, replicate it on the production environment (https://dld.datalegaldrive.com).

  4. Once the metadata have been fully integrated in your system, a link or XML file will be generated. Send us this link or file so we can gain access to your own metadata file.
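Before importing a downloaded metadata file (steps 1 to 3 above), it helps to record what it declares and confirm that every endpoint belongs to the environment you meant to integrate. The script below is an added example, not code from the platform: the function name review_metadata, the sample entity ID, the sample endpoint path and the certificate bytes are all constructed, and it assumes the file is a SAML 2.0 EntityDescriptor.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

DS = "{http://www.w3.org/2000/09/xmldsig#}"
# Placeholder bytes standing in for a DER certificate (constructed, not a real cert).
CERT_B64 = base64.b64encode(b"constructed-placeholder-cert").decode()

# Constructed sample shaped like a SAML 2.0 EntityDescriptor.
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://dld-sandbox.datalegaldrive.com/example-entity">
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data>
        <X509Certificate>{CERT_B64}</X509Certificate>
      </X509Data></KeyInfo>
    </KeyDescriptor>
    <AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://dld-sandbox.datalegaldrive.com/example-acs"/>
  </SPSSODescriptor>
</EntityDescriptor>"""


def review_metadata(xml_text, expected_host):
    """Summarise a metadata file and list anything that needs a second look."""
    # For XML from a less trusted source, use a hardened parser instead.
    root = ET.fromstring(xml_text)
    endpoints = [el.get("Location") for el in root.iter() if el.get("Location")]
    # SHA-256 over the decoded certificate bytes, to compare out of band.
    fingerprints = [
        hashlib.sha256(base64.b64decode("".join(el.text.split()))).hexdigest()
        for el in root.iter(DS + "X509Certificate") if el.text
    ]
    problems = []
    for url in endpoints:
        parts = urlsplit(url)
        if parts.scheme != "https":
            problems.append(f"not HTTPS: {url}")
        if parts.hostname != expected_host:
            problems.append(f"unexpected host: {url}")
    if not fingerprints:
        problems.append("no signing certificate found")
    return {"entity_id": root.get("entityID"), "endpoints": endpoints,
            "cert_sha256": fingerprints, "problems": problems}


if __name__ == "__main__":
    print(review_metadata(SAMPLE_METADATA, "dld-sandbox.datalegaldrive.com"))
```

Run it once per environment with the matching host name; a sandbox file checked against the production host reports every endpoint as an unexpected host, which catches a mixed-up import before step 3.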

OAuth2 / OpenID Connect

If you use the OAuth2 or OpenID Connect protocol, you must perform the following steps:

  1. Configure an authentication client that points to the URL of our application.

  2. To allow us to generate the configuration file that will be integrated in our system, we’ll need you to provide us with the following:

  • authorizationURL

  • tokenURL

  • clientID

  • clientSecret

  3. Verify metadata integration in the sandbox environment (https://dld-sandbox.datalegaldrive.com) and make any necessary changes.

  4. Once the integration has been validated, replicate it on the production environment (https://dld.datalegaldrive.com).

AzureAD

If you use the AzureAD protocol, you’re pretty much set! Just log in once we have finished the configuration on our side in order to enable our application through your AzureAD.