Getting Started with Single Sign-On

Overview

Single sign-on (SSO) is an authentication process that allows users to access multiple applications with one set of login credentials. Forethought supports SSO authentication in order to provide users a seamless sign-on experience. SSO integration with the Forethought Dashboard provides easy access for larger teams without the burden of managing login credentials.

Enabling SSO for User Authentication

Prerequisites

• You must have an active Forethought Dashboard account with company admin access. If access is needed, please reach out to support.
  

Steps

Access Forethought Dashboard Settings company-name.forethought.app/sso-settings

1. Set Up Application with Metadata XML: Setup a custom application with your Identity Provider (ex: Okta, Azure, etc.) and generate the metadata XML file. You can add via the URL or upload the .xml file.

2. Test the SSO configuration: Once you have uploaded the .xml file, please test the SSO with the URL provided under the "Enable SSO" section.

3. Successfully Test then Enable SSO: Once you have completed testing successfully and the application is set up with assigned users, please click "Enable SSO" to enable for the organization.

4. Enable Bookmark App: This SAML configuration solely supports SP-initiated SSO, with the Service Provider being the Forethought Dashboard. Therefore, you'll need to establish a bookmark app (e.g., an Okta bookmark) that directs to company-name.forethought.app/single-sign-on.