Skip to main content

Set up SSO

Written by LegalOnサポートチーム
Updated over a month ago

This document has been generated with machine translation.


Check the modules enabled and user types

This section describes how to configure SSO settings.

What are SSO settings?

This is a mechanism that allows users to access multiple systems with a single authentication.

In LegalOn, SSO is enabled, allowing you to access the system via your ID provider.

*Note: SSO is Enabled, which changes the authentication method from Email address and Password authentication to authentication via your ID provider.

Currently, LegalOn has confirmed successful integration with the following ID providers:

  • Microsoft Entra ID (formerly Azure Active Directory)

  • Okta

  • HENNGE One

*You can use SSO with ID providers other than those listed above as long as they support SAML 2.0.

Terms of Use

  • Users in tenants that have subscribed to the SSO (Single Sign-On) option

  • Permissions required for configuration: IT Administrator

  • SSO settings Requirements:

    • Have a contract with an ID provider (compatible with SAML 2.0)

    • The email address registered with the ID provider matches the one registered with LegalOn

*Please contact your company’s Module Administrator regarding your Options subscription status.

*If you wish to apply for one of the Options, please contact your sales representative.

Important Notes

  • If SSO is Enabled while the settings contain errors, you will be unable to log in if you close your browser or Logout.
    After enabling SSO, please ensure you test whether you can log in successfully by following the " Test SSO Login " procedure in a different browser or in Incognito mode of the same browser, while keeping the SSO settings screen open.

  • Users whose Email domain matches the one set in the SSO settings screen can log in via SSO. Users logging in with other Email domains will be authenticated using their Email address and Password.

  • Currently, SAML authentication supports only SP-Initiated SSO (a method where the Service Provider begins SAML authentication), and you must log in from the LegalOn login screen each time. Please note that the IdP-Initiated SSO authentication process will result in an error and authentication will not be completed.

Set up SSO

1. Configure SSO settings on the ID Provider side

① Click [Admin settings] → [ SSO settings ] in LegalOn

Troubleshooting

The "SSO settings" menu is not displayed:

This is a paid option, so it will be hidden if you have not subscribed. If you have subscribed but the menu does not display, please contact our support team.

② Copy the "Endpoint URL" and "Entity ID(Identifier)" and configure them on your ID provider

The setup procedure varies depending on your provider. If you have any questions, please contact us for more information.

Related Articles

2. Configure SSO settings on the LegalOn side

① Obtain the following information from the ID provider configured in Steps 1-2

  • Endpoint URL

  • Public Key Certificate (X.509 Certificate)

② Enter the Email domain and the information obtained in the fields labeled "Identity provider endpoint URL (HTTP redirect)" and "SAML signing certificate (X.509 public key certificate issued by the identity provider)" in the figure below

③ Click [Register]

Notes

  • For the Email domain, please enter the string following the "@" symbol.

  • The "Endpoint URL" may be labeled differently depending on the ID provider, such as "Login URL."

  • For the "Public Key Certificate (X.509 Certificate)," please enter all the text contained in the file with the ".pem" extension.
    *Please copy and paste all the text, including "-----BEGINCERTIFICATE-----" and "-----END CERTIFICATE-----".

3. Enable SSO

① Click [Admin settings] → [ SSO settings ] → [Enable SSO (Single Sign-On)]

② Review the message and click [Activate]

SSO will be Enabled.

SSO log in will be applied from the next time you log in to LegalOn。

Test whether you can log in using SSO

  1. While keeping the SSO settings screen open, open
    " https://app.legalon-cloud.com/ "

  2. Enter your email address and click [Continue]

  3. Login via the login screen of your configured ID provider, following the instructions displayed on the screen

Once the LegalOn home page displays, your SSO Login is complete.

Troubleshooting

If the following error screen is displayed during your first login, click [Return to login screen], or restart the tab or browser, then open " https://app.legalon-cloud.com/" again and log in once more.

Deactivate SSO

① Click [Admin settings] → [ SSO settings ]

② Turn off [Enable SSO (Single Sign-On)]

③ Review the message and click [Deactivate]

SSO log in will be applied from the next time you log in to LegalOn。

Did this answer your question?