Single sign-on (SSO) is enabled at the company level by a system administrator for that company. A list of company system administrators can be found by logging in to CtrlPrint, navigating to the company page and scrolling to the Administrators box.
Note that after SSO is activated, users will no longer be able to request a new password or change their email address. If need be, a user’s email address can be changed by an administrator.
External administrator passwords and logins are not affected by SSO activation.
To Activate SSO
Before activating SSO it is important that you check the email addresses associated with user accounts in CtrlPrint and ensure that they are identical to the UPNs used by your IDP. Users will not be able to log in if these do not match. Note that the email addresses are case sensitive.
- Log in as an administrator. Click on the company name where you wish to activate SSO.
- Use the toggle option found on the right side of the page to start the setup process.
- Use the necessary information provided to properly set up your IDP (identity provider). We currently only support SAML 2.0.
- Once your IDP is configured click “Continue” to provide the necessary metadata for CtrlPrint. This can be done with either a link to the file if it is hosted online (recommended) or by uploading it to our server.
- After adding your metadata file click on the “Verify SSO…” button which ensures that your provided information is correct and compatible.
- Once your metadata has been verified click “Continue”.
- Check the “I agree” option and click the “Activate” button.
- SSO will now be active for all users in the company. Once activated all users within the company will receive an email informing them of the change in the login process. The next time they log in they will be required to do so using the company’s chosen SSO solution.
- If need be you can update the metadata provided by using the orange cog icon seen in the image above, see this page for more information.