Enabling Single Sign-On (SSO) authentication for your organization allows for secure authentication against your current identity database. BrainStorm's best practice is for every organization to configure SSO.


 NOTE: When you enable SSO for your QuickHelp account, every user must authenticate using SSO, whether you use a single SSO provider or multiple SSO providers.



Before proceeding with your SSO configuration, please note that your SSO Provider can either allow access to QuickHelp to all of your end users or it can restrict access to specific users. This behavior is determined by the configuration within your SSO Provider, not by QuickHelp itself. Some SSO Providers restrict access by default (e.g. Azure), so please thoroughly read the configuration guide to ensure that the authentication process behaves as expected.



Attribute Mapping

It's important to note that individual values should not be used in the Attribute Mapping area in the QuickHelp Admin Portal, e.g. a person's email address. This area is for the Attribute Names sent in the Attribute Statement from your Identity Provider (IdP). What gets mapped in the Admin Portal must match exactly what is listed as the Attribute Name in the Attribute Statement. It's also important to note that for the specific IdPs listed in this document, the Attribute Names are hard-coded and provided in the documentation. For all others, you determine the Attribute Name. 


The attached document will take you through the set up process of many different Identity Providers.