QuickHelp provides different authentication options. Below you’ll find information on authenticating using Single Sign-On (SSO).

Benefits of Single Sign-On

  • Users log in automatically
  • No passwords stored in the QuickHelp database
  • “Just-in-time” user provisioning
  • Access controlled by corporate account status

What You Need

  • WS-Federation or Security Assertion Markup Language 2.0 (SAML 2.0) IdP (Identity Provider)
    • For Active Directory Federation Services (ADFS) – WS-Federation
      • Windows Server 2008 R2 or newer – domain joined
      • Recommended – public web or wildcard SSL certificate
      • Optional – ADFS Proxy Server/Web Application Proxy for external users
  • Email assertion attribute
    • Other assertion attributes like First Name, Last Name, Department, and Title should also be included.

How it Works

  • User authentication is either transparent or user is presented with a familiar login page
  • QuickHelp never communicates directly with internal user database
  • QuickHelp receives a signed token from the IdP, verifies the digital signature, and automatically authenticates user

Identity Providers documented in the SSO Configuration Guide

  • ADFS – WS-Federation
  • Azure AD – WS-Federation
    • Leverage your existing O365 connection
  • Okta – SAML 2.0
  • OneLogin – SAML 2.0
  • PingOne – SAML 2.0
  • Centrify – SAML 2.0

Who is Needed

The following individuals will need to be involved in configuring SSO.

  • Your QuickHelp Project Lead
  • Your Identity Management, Single Sign-On, or Active Directory Team


Keep in Mind
While potentially any WS-Federation or SAML 2.0 SSO platform may be supported, for IdPs not documented in the QuickHelp SSO Configuration Guide, deployment times may take more time than expected.