Is SSO (single sign-on) setup?

It is a mechanism that allows multiple systems to be used with a single user authentication.

LegalOn Cloud allows access through your identity provider by enabling SSO.

*When SSO is enabled, the authentication format changes from email address and password authentication to authentication via your ID provider.

Currently, LegalOn Cloud has confirmed integration with the following ID providers

Microsoft Entra ID (formerly known as Azure Active Directory)
Okta.
HENNGE One

SSO is also available for ID providers other than those listed above, as long as they support SAML 2.0.

Terms of Use

Tenant users who have subscribed to the SSO (single sign-on) option
Permissions that can be set: IT administrator
Terms and conditions of use of SSO settings:
- Contracted ID provider (SAML 2.0 compliant)
- The email addresses registered with the ID provider and LegalOn Cloud match.

*Please contact your service administrator to inquire about the subscription status of the option.

*If you would like to apply for an option, please contact your sales representative.

Set up SSO (single sign-on)

important point

If SSO is "enabled" with incorrect settings, you will not be able to log in if you close your browser or log out.

After enabling SSO, please be sure to test whether login is successful by following the procedure in "Testing whether login is possible with SSO" in a different browser or in incognito mode of the same browser while the SSO settings screen is open.

Users whose email domain matches the email domain set in the SSO configuration screen at the time of login can log in with SSO. For users logging in with other mail domains, authentication by email address and password will be applied.

1. implement SSO settings on the ID provider side

(1) Click [Common system settings] > [External linkage] > [SSO settings] in LegalOn Cloud.

If the "SSO Settings" menu does not appear

If you are not a subscriber, the information will not be displayed. If you are a subscriber and still do not see it, please contact our support team.

(2) Copy the "Endpoint URL" and "Entity ID" and configure the settings on the ID provider side you are using.

Setup procedures vary depending on your provider. Please contact your ID provider if you have any questions.

Related Articles

2. SSO configuration on the LegalOn Cloud side

(1) Obtain the following information from the ID provider set up in step 1-(2).

Endpoint URL
Public key certificate (X.509 certificate)

(2) Enter the email domain and the information obtained in the "ID provider's endpoint URL (HTTP-Redirect)" and "Certificate for the public key used by the ID provider for signing (X.509 certificate)" shown below, respectively.

Click [Register].

important point

For the e-mail domain, please enter the string of characters after the "@".
Endpoint URL" may be written differently by some ID providers, e.g., login URL.
For "Public Key Certificate (X.509 Certificate)," enter all text contained in a file with a ".pem" extension.
*Copy and paste all text including "-----BEGINCERTIFICATE----- and -----END CERTIFICATE-----."

3. Enable SSO

(1) Click [Common System Settings] > [External Connections] > [SSO Settings] > [Use SSO (Single Sign-on)].

(2) Click [Enable].

SSO is enabled.

The change in login method will be applied the next time you log in.

This completes the setup.

Test if you can log in with SSO

Click "Start" at "https://app.legalforce-cloud.com/".
Enter your email address and click [Continue].
From the login screen of the ID provider you set up, follow the instructions on the display to log in

When the LegalOn Cloud dashboard appears, SSO login is complete.

important point

You may be returned to the entrance screen when you log in for the first time. Please click "Start" and enter your e-mail address again to log in.

Disable SSO

(1) Click [Common System Settings] > External Linkage [SSO Settings].

(2) Turn off [Use SSO (single sign-on)].

(3) Click [Disable].

The change in login method will be applied the next time you log in. This completes the setup.