Page 1 of 1

Authentication without SSO

Posted: Fri Oct 04, 2024 12:43 pm
by cayennep
Starting a new trial but this will be a big factor
How do people use SSO for published output?? I mean, don't most of us have a great number of users of the doc, and not on the same networks etc?
For public user docs, many companies still think the doc is IP and do not want it public, valid or not. For API doc, it could be I guess.
Now SSO is working, that is what's pushed in the docs, but not an option and trying to understand what is. Even whitelisting domains, there would be several hundred for customers.
Maybe (customer) users can request access but how would they know to? This might fly esp as right now we have a single username & password for the help site.
Guessing I may be able to use SSO inside our organization, but due to security and this being outside anything microsoft there could be issues there too.
Any tips appreciated, as I start to look at another trial understanding what options to explore would help a lot!

Re: Authentication without SSO

Posted: Mon Oct 07, 2024 6:35 am
by AlexFox
You can only configure one SSO tenant through Central, which would 99.9% of the time be your organisation. This allows people to automatically be provisioned as viewers when they access Central and it's the only real way to protect your documentation due to the nature of Flare's output and how HTTP works.

It's essentially there as a way of making content accessible only to your organisation but still hosted online, for whatever purpose suits you.

Re: Authentication without SSO

Posted: Fri Oct 11, 2024 9:40 am
by cayennep
this post is not related to what I asked. will try again and maybe make a new post now I know a bit more

We can't use SSO. We have internal users and external (customer) users, so that's out. also, madcap didn't say you can only have a single sso tenant, so not sure if that's true.

The site will be private. Else would not be asking about authentication.

Only option to get access for viewers is kinda challenging and quite a few steps:

> add users manually or via upload csv
- send an invite
- not sure what happens on their end, but the 'enter your madcap login' is gonna be confusing as they don't have one. should just be 'enter your email'.
- one option got 'request access' button, which is confusing as I've already started that process
- not sure what happens with the email notification I get, and whether it's actionable - one test failed, another got different results. Tech support is looking into what _should_ happen

What I'd _like_ to happen is that login page shows a message/form to send an email to techpubs. They're checking into whether that's possible

Another option - put a redirect on existing domain to a form/msg. This would mean using a different domain on central, which isn't great.

And, last option - provide a single login per customer, and even single login per internal team. Not great but still better than what we have now.