Single sign-on (SSO) eliminates the need for users to keep up with a separate password for Momentus Elite by allowing them to authenticate through their organization's identity provider. Once a user has authenticated through their identity provider, SSO is able to use that information to authenticate Elite.
For more information about SSO, including technical requirements, please see Application Authentication and Security.
Once the feature has been enabled, a System Admin will need to configure Elite to connect to their identity provider before users will be able to authenticate via SSO.
You will need access to your identity provider in order to configure SSO.
- Click on your name in the upper left corner and select System Admin to access the Admin console.
- Click Single Sign-on.
- Click the edit pencil icon by Service Provider Settings.
- In the Edit Single Sign-on slider, select your Identity Provider.
- If your identity provider is not listed, select Other and add the Identity Provider Name. This name cannot have any spaces in it! If you added a name with spaces, please contact us.
Microsoft as renamed Azure Active Directory to Microsoft Entra ID, but we have not updated that name in the application yet. If you are using Microsoft Entra ID, please select Azure AD in the dropdown. - Copy and paste the Federation Metadata URL from your Identity Provider, or select Upload From File. Upload the file by clicking Add Files or by dragging and dropping the document into the box.
- Click Save.
- Click the assignment clipboard icon next to each setting and paste into the appropriate location in your system.
- Click Test Login Url to test the configuration.
For the test to work properly, you may need to access the Test Login Url link from a new incognito browser window.
- If your test was successful, click Enforce SSO.
If SSO must be turned off once it has been enforced, contact us.