You will need to engage your Professional Services Consultant at SuccessFactors who will gain access to SuccessFactors Provisioning to provide you all the information you need to set up SSO to your Go1 Platform.
Configuration steps
Step 1
To be completed by SuccessFactors' Professional Services Consultant
1.1 Provide the following information to the customer in question:
Their LMS data center long format; (e.g. pmsalesdemo8.successfactors.com)
Their SuccessFactors Instance ID (not name)
1.2 Create a Service request using this link and provide the below details:
Go1 portal url
LMS data center long format
SuccessFactors Instance ID
Step 2
To be completed by Go1
2.1 The Go1 team will configure SSO using the details provided in steps 1.1-1.2 to download the SAML IDP metadata from the following URL:
https://[SF data center url]/idp/samlmetadata?company=[sf_company_instance]
2.2 Enable SSO v3 in the Go1 Portal (follow steps in internal Confluence asset ‘SSO Setup Guide’, and add the following details from the downloaded XML file:
Go1 Portal: X.509 Certificate = XML File: X509Certificate. You may need to add -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- to the top and bottoms of the certificate code on their own lines.
Go1 Portal: Login URL = XML File “Location” from: <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect”>
Go1 Portal: Logout URL = XML File “Location” from: <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST”>
This will generate a PostBack URL and Entity I.
2.3 Send these details back to the customer and their SuccessFactors Professional Services Consultant.
2.4 The Post Back URL is to be used as the Assertion Consumer Service in SuccessFactors Provisioning.
2.5 (Optional) this logout URL: https://GO1web.auth0.com/logout
2.6 Click Submit.
2.7 In the Auth0 mappings UI, access the newly created connection via Connections > Enterprise > SAML > Customer named connection.
2.8 On the Settings page scroll down to the request template section.
2.9 Add the following:
On the IdP-initiated SSO page confirm the default application is filled correctly with the following:
On the Mappings page confirm the default assertion mapping is filled correctly with the following. If the user is on a test instance add the following settings:
{
"name": "loggedinuserid",
"user_id": ["Loggedinuserid",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/loggedinuserid"]
}If the user is on a production instance add the following settings:
{
"name": "loggedinuserid",
"user_id": "loggedinuserid"
}
Once SSO setup has been completed and you have tested, come back to the SSO set up page in GO1 > Integrations page.
2.10 Uncheck “Allow login with username & password”
2.11 Click Submit
Please note: This will clear the configuration in Auth0 and you will need to re-add it.
Please check steps 2.7 through 2.9 again. This will skip the Go1 screen where the user selects “Login with your Identity Provider” and sign the user in immediately.
Step 3
To be completed by SuccessFactors' Professional Services Consultant
3.1 You will receive URLs from Go1, which you need to add to Provision.
3.2 The customer will provide you with an Assertion Consumer Service URL and (optionally) a logout URL
3.3 Login to Provisioning and go to Authorized SP Assertion Consumer Service Settings
3.4 Enter the Assertion Consumer URL and logout URL as shown below, be sure to tick the checkbox over to the right.
3.5 Click 'Save'
Note: The SuccessFactors provisioning system might take up to 24 hours for this to update.
Navigation for this integration
Access every article below to configure SuccessFactors with Go1:
Set up SSO to the Go1 Platform
Have any questions or comments?
Please don't hesitate to contact us through our live 24/7 support or by emailing us at [email protected].