Single Sign-On (SSO) IT Guide

Getting Started

The first step in enabling SSO is to create Rapidflare as an application in your IdP's systems. Once this is set up, we need to set up attribute mapping for the identities exchanged with Rapidflare.

1. Provisioning Rapidflare in your IdP Systems

We have two options for enabling SSO access to Rapidflare.

1.1 Rapidflare initiated

In this flow, your Rapidflare support team will provide your IT admins with an SP Entity ID and ACS URL. IT admins will then use these to create an application in their IdP for Rapidflare. As they set up Rapidflare's SAML 2.0 configuration in their IdP dashboard, they will generate an IdP Metadata URL. When this is provided back to Rapidflare, we can complete the process and enable single sign-on.

1.2 Customer Self Service

We can also invite a customer IT admin to set things up directly in our authentication system, WorkOS. We just need an email address. An invitation goes out, and by following the instructions in the email, the admin will have access to our self-service SSO management portal.

2. Attribute Mapping

Across both options, IT admins on the customer's side have to set up a couple of other things:

  1. First, they have to ensure that the metadata about users who sign in contains the minimum set of attributes Rapidflare needs to process their identity. This is done during the SAML setup on the IdP systems. Rapidflare requires the following attributes to support our full features in a personalized manner:
  • email
  • firstname
  • lastname
  • profile picture
  2. IT admins can also optionally control which internal teams or individual users have access to the app they created for Rapidflare in their IdP. This process varies by IdP system.
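
As an added example (not Rapidflare's or WorkOS's own code), the script below checks a test SAML assertion from your IdP for the attributes listed above before you roll SSO out to users. The sample assertion is constructed, and the attribute Name values are assumptions: `profile_picture` in particular is an assumed spelling, so substitute the names you actually mapped in your IdP.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Names taken from the list above; "profile_picture" is an assumed spelling
# of "profile picture". Replace with the names configured in your IdP.
REQUIRED = ("email", "firstname", "lastname", "profile_picture")

# Constructed sample assertion (not real IdP output; signature omitted).
SAMPLE_ASSERTION = """
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="email"><saml:AttributeValue>me@acme.com</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="firstname"><saml:AttributeValue>Ada</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="lastname"><saml:AttributeValue></saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
""".strip()


def extract_attributes(assertion_xml):
    """Return {attribute name: [non-empty values]} from every AttributeStatement."""
    root = ET.fromstring(assertion_xml)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        name = attr.get("Name")
        if not name:
            continue
        values = [(v.text or "").strip()
                  for v in attr.iterfind("saml:AttributeValue", NS)]
        attrs.setdefault(name, []).extend(v for v in values if v)
    return attrs


def check_mapping(assertion_xml, required=REQUIRED):
    """Return (missing, empty): names absent, and names sent with no value.

    This checks attribute presence only; it does not verify the
    assertion's signature, issuer, or validity window.
    """
    attrs = extract_attributes(assertion_xml)
    missing = [n for n in required if n not in attrs]
    empty = [n for n in required if n in attrs and not attrs[n]]
    return missing, empty


if __name__ == "__main__":
    missing, empty = check_mapping(SAMPLE_ASSERTION)
    print("missing attributes:", missing)
    print("present but empty: ", empty)
```

An attribute that is mapped in the IdP but unpopulated in the directory shows up as "present but empty", which is worth catching separately from a mapping that was never configured.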

User Login Experience

When your users come to the Rapidflare dashboards to log in, they will enter their email (e.g. me@acme.com) and request a sign-in. Recognizing that the user is from an enterprise on SSO, our authentication system will redirect them to log in through your IdP system. Once validated, the IdP system sends the user back to our dashboard with the appropriate credentials.

Your users can also start from your IdP dashboard, find Rapidflare as an application there, and initiate the sign-in process.