Configure Single Sign-on (SSO) Between SmarterTrack and Another Site

This article applies to recent versions of SmarterTrack. View articles for SmarterTrack 14.x and earlier.

Logins may be shared between SmarterTrack and an external website written in ASP.Net. This allows a login to one of the sites to carry over to the other site without requiring the user to log in again, a process known as "single sign-on" or, more commonly, SSO. However, this can only be performed between two sites that share the same base domain, such as:

  • www.example.com and support.example.com
  • www.example.com and www.example.com/support

Follow these steps to configure single sign-on:

Set the machine key in web.config to be the same on both sites.

  1. In both web.config files, go to the authentication forms tag and add domain="example.com" to it (use your own domain name) and set enableCrossAppRedirects="true"
  2. Log into the SmarterTrack management interface as a System Administrator.
  3. Click the Menu icon, and from the dropdown select Settings.
  4. Under the Tools header click External Providers
  5. On the Options tab, check the box next to Enable login provider. It's tab will become active. Click on the tab. 
  6. Complete the following required fields: Web Services URL, Web Services Password, Forgot Password URL, and Default Role for Users.
  7. Select the Enable single sign-on cookies from other sites checkbox.
  8. Click the Save button.

Note: If your external website is using a different version of ASP.Net than 4.0 (ex. 2.0, 4.5), you will also need to add compatibilityMode="Framework20SP2" or compatibilityMode="Framework20SP1" to your <machineKey> tag for both sites.  This is so that the cookies will have the same encryption method.

If you are using ASP.Net 4.5 for your external site, you will need to add the following lines to the web.config file for that site as well, under the <AppSettings> key:

<add key="aspnet:UseLegacyFormsAuthenticationTicketCompatibility" value="true" />
<add key="aspnet:UseLegacyEncryption" value="true" />
<add key="aspnet:UseLegacyMachineKeyEncryption" value="true" />

For more information, refer to the External Providers page of the SmarterTrack Online Help.

 

Learn more about the SmarterTrack online help desk and how you can improve your overall customer service.