This document has been generated with machine translation.
This section describes how to configure SSO settings.
What are SSO (Single Sign-On) settings?
A mechanism enabling access to multiple Systems with a single User authentication.
By enabling SSO in LegalOn, you can access the service via your ID provider.
*Enabled SSO changes the authentication method from Email address and password authentication to authentication via your ID provider.
LegalOn currently supports integration with the following ID providers:
Microsoft Entra ID (formerly Azure Active Directory)
Okta
HENNGE One
※SSO can also be used with other ID providers that support SAML 2.0.
Usage Conditions
*Please contact your company's Module Administrator regarding your Options subscription Status. *If you wish to apply for the Options, please inform your sales representative. |
Important Note
If SSO is Enabled with incorrect settings, you will be unable to log in again after closing the browser or Logout.
After enabling SSO, please ensure you test whether login succeeds by following the " Test SSO Login " procedure in another browser or in the same browser's incognito mode, while keeping the SSO settings screen open.Users whose Email domain matches the one configured in the SSO settings screen can log in via SSO. Users logging in with other Email domains will be authenticated using their Email address and password.
Current, SAML authentication only supports SP-Initiated SSO (where the Service Provider initiates the SAML authentication process). This requires logging in each time from the LegalOn login screen. Please note that the authentication process will fail with an error in IdP-Initiated SSO.
Set up SSO
Configure SSO settings on the ID Provider side
Click [Admin settings] → [ SSO settings ] in LegalOn
Troubleshooting
"SSO Settings" menu not displayed:
This is a paid option and is hidden if you are not subscribed. If you are subscribed but it still does not display, please contact our support team.
② Copy the "Endpoint URL" and "Entity ID(Identifier)", then configure your settings on your ID provider's side
Setup methods vary by provider. For questions, please contact us for more information.
Related Articles
2. Configure SSO settings on the LegalOn side
① Obtain the following information from the identity provider configured in Step 1-②
Endpoint URL
Public Key Certificate (X.509 Certificate)
② Enter the obtained information into the following fields: "Email domain," "Identity provider endpoint URL (HTTP redirect) (as shown in the figure below), and "SAML signing certificate (X.509 public key certificate issued by the identity provider for signing)"
③ Click [Register]
Important Notes
For the Email domain, please enter the string after the '@' symbol.
The "Endpoint URL" may be labeled differently depending on the ID provider, such as "Login URL".
For the "Public Key Certificate (X.509 Certificate)", please enter all the text contained in the file with the ".pem" extension.
※ Copy and paste all the strings, including "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----".
3. Activate SSO
Click [Admin settings] → [ SSO settings ] → [Enable SSO (Single Sign-On)].
② Review the message and click [Activate].
SSO will be enabled.
SSO log in will be applied from the next time you log in to LegalOn。
Test if you can Login with SSO
With the SSO settings screen open, use a different browser or the same browser's incognito mode to
Open " https://app.legalon-cloud.com/ ".
Enter your email address and click [Continue].
Follow the on-screen instructions to log in via the configured ID provider's login screen
Once the LegalOn dashboard is displayed, your SSO Login is complete.
Troubleshooting
If you see the following error screen during your first login, restart the tab or browser and open " https://app.legalon-cloud.com/ " again.
Deactivate SSO
① Click [Admin settings] → [ SSO settings ]
② Turn off [Enable SSO (Single Sign-On)]
③ Review the message and click [Deactivate]
SSO log in will be applied from the next time you log in to LegalOn。