In v1.8 and above Wallboard supports Single Sign-On (SSO). With this feature you are able to use almost any third-party identity providers, like Microsoft Azure AD, Okta or your own. There is a social login option which allows you to login through Google or Microsoft with your email address. Basically any identity provider is supported which uses SAML v2.0 or OpenID Connect v1.0.
If you want to use SAML v2.0 we need some information in order to configure it correctly. First of all you have to send your Idp metadata url. After that we will send back the Sp metadata file to you which you have to import into your Idp. Tell us when you have done that and we will enable it on your server and you can try it out.
In order to use OpenID Connect there are some configuration steps we have to do.We will need the following things:
After this we will send you back the callback redirect URI what you have to enable.
You can find the settings under Administrator -> System settings
Wallboard uses Keycloak as authentication broker. It's always required to configure in order to use SSO. You can use your own Keycloak if you want but we recommend to use our official one. To enable the Social logins (Google/Microsoft) globally for the system you need the following configuration:
If you need more details about the configuration please contact us.
First of all, set up your own custom domain by this guide. Under Settings -> White Label there is a block called Single Sing-on Settings.
This settings will only apply to the specific client.To be able to use this feature we'll have to create the Keycloak realm and the client id, and of course we need all the information about your identity provider (see at SAML or OpenID Connect integration). If you are an advanced Keycloak user we can give you a realm admin which you can use to do further configuration.If SSO login only enabled then your users will only be able to login from the configured identity provider. This is a very useful feature if you want to rely completely on SSO.
With the options we detailed above and our help, you'll be able to use any kind of SSO with unlimited capabilities. If you want to go super secure or the system runs inside a VPN and cannot reach the internet, but you still want to use your internal identity provider we can install and configure a private Keycloak for you.
Leverage Wallboard's powerful suite of tools to create, automate, and manage dynamic digital signage that your audience will remember.