This document has been generated with machine translation.
What are SSO settings?
This is a mechanism that allows users to access multiple systems with a single authentication.
In LegalOn, SSO is enabled, allowing you to access the system via your ID provider.
*Note: Enabling SSO will change the authentication method from Email address and password authentication to authentication via your ID provider.
Currently, LegalOn has confirmed integration with the following ID providers:
Microsoft Entra ID (Old Azure Active Directory)
Okta
HENNGE One
*SSO is enabled for ID providers other than those listed above as long as they support SAML 2.0.
Terms of Use
LegalOn Terms
ID Provider Requirements
*If you wish to subscribe to one of the Options, please contact your sales representative. |
Important Note
If SSO is Enabled while the settings contain errors, you will be unable to log in if you close your browser or Logout.
After enabling SSO, please ensure you test whether you can log in successfully by following the " Test SSO Login " procedure in a different browser or in Incognito mode of the same browser, while keeping the SSO settings screen open.Users whose Email domain matches the one set in the SSO settings screen can log in via SSO. Users logging in with other Email domains will be authenticated using their Email address and Password.
Currently, SAML authentication supports only SP-Initiated SSO (a method where the Service Provider begins SAML authentication), and you must log in from the LegalOn login screen each time. Please note that the IdP-Initiated SSO authentication process will result in an error and authentication will not be completed.
Set up SSO
1. Configure SSO settings on the ID Provider side
① Click [Admin settings] → [ SSO settings ] in LegalOn
Troubleshooting
The "SSO settings" menu is not displayed:
This is a paid option, so it will be hidden if you have not subscribed. If you have subscribed but the menu does not display, please contact our support team.
② Copy the "Endpoint URL" and "Entity ID(Identifier)" and configure them on your ID provider
The setup procedure varies depending on your provider. If you have any questions, please contact us for more information.
Related Articles
2. Configure SSO settings on the LegalOn side
① Obtain the following information from the ID provider configured in Steps 1-2
Endpoint URL
Public Key Certificate (X.509 Certificate)
② Enter the Email domain and the information obtained in the fields labeled "Identity provider endpoint URL (HTTP redirect)" and "SAML signing certificate (X.509 public key certificate issued by the identity provider)" in the figure below
③ Click [Register]
Notes
For the Email domain, please enter the string following the "@" symbol.
The "Endpoint URL" may be labeled differently depending on the ID provider, such as "Login URL."
For "Public Key Certificate (X.509 Certificate)," please enter all the text contained in the file with the ".pem" extension.
*Please copy and paste all the text, including "-----BEGINCERTIFICATE-----" and "-----END CERTIFICATE-----".
3. Enable SSO
① Click [Admin settings] → [ SSO settings ] → [Enable SSO (Single Sign-On)]
② Review the message and click [Activate]
SSO will be Enabled.
SSO log in will be applied from the next time you log in to LegalOn。
Test whether you can log in using SSO
While keeping the SSO settings screen open, open
" https://app.legalon-cloud.com/ "
Enter your email address and click [Continue]
Login via the login screen of your configured ID provider, following the instructions displayed on the screen
Once the LegalOn home page displays, your SSO login is complete.
Troubleshooting
If the following error screen is displayed during your first login, click [Return to login screen], or restart the tab or browser, then open " https://app.legalon-cloud.com/" again and log in once more.
Deactivate SSO
① Click [Admin settings] → [ SSO settings ]
② Turn off [Enable SSO (Single Sign-On)]
③ Review the message and click [Deactivate]
SSO log in will be applied from the next time you log in to LegalOn。