Juniper Websites: Single sign-on setup

Accounts and Roles on your website are managed through User Manager.  If you prefer to use Azure Active Directory or Google Workspace (previously Google Suite) accounts to log in to the website, follow the instructions below.  After setting up Active Directory to allow the Website to access your accounts, you can specify which Active Directory user groups are linked to the Security Roles on the website. 

Client Microsoft Azure Active Directory setup process 

  1. Log in to your Microsoft Azure account.
  2. Select Azure Active Directory.
  3. Select App registrations.
  4. Select New registration to create the app instance:
    SSO01.png
  5. Enter a Name.
  6. Select the Supported account types.
  7. Add a Redirect URI. This should be your website address followed by /admin/login/sso/oauth/return.asp. For example, to set up SSO for the URL https://www.junipereducation.org enter https://www.junipereducation.org/admin/login/sso/oauth/return.asp  SSO02.png
  8. In the App Registration, select Authentication.
  9. Under Advanced settings enter a logout URL. This should be your website address followed by /ssosp/logout. For example, to set up SSO for the URL https://www.junipereducation.org enter https://www.junipereducation.org/ssosp/logout.
  10. Select Save.SSO03.png
  11. To allow the Juniper Websites CMS access to Azure AD, you will need three pieces of information from Azure: Application (client) IDDirectory (tenant) ID and Client Secret. Two of these are found in the Overview section:SSO04.png

    The third is found under Certificates and Secrets. To create a new secret for use on the website, select New client secret:SSO05.png
  12. After noting your details log into Juniper Websites CMS as an administrator.

Client Google Workspace setup process

  1. Login to https://console.developers.google.com/.
  2. If you have not created a project, select Select a project.
  3. In the popup that appears, select New Project.
  4. Give your project a name that will identify it within your organisation.
  5. After creating your project, ensure it is selected in Select a project.
  6. You must create an OAuth consent screen from the OAUth Consent page menu. This page informs your users that they are supplying data to the service you are creating:
    • Select Internal as your user type.
    • Add ../auth/admin.directory.group.readonly to the list of scopes for Google APIs. This data helps the CMS identify a user's G Suite group(s) and assign them to the appropriate CMS group.
    • Add your website address to the Authorised Domains list. If your website uses multiple domains, you should add each domain here.
    • Set any remaining options as appropriate for your users.
  7. Select Credentials from the left hand menu.
  8. Select the Create Credential link, then select OAuth client ID.
  9. Set the URI and the post redirect URI. The app type should be set to web application:
    1. Add your web address as the origin URI.
    2. Add the authorised redirect URI. This can be found in the Juniper Websites CMS. Select Website Settings from the Website tab, then open the relevant tab for the item you are enabling, for example, Single Sign On:
  10. After creating your credentials, copy the Client ID and Client Secret
  11. After noting your details log into Juniper Websites CMS as an administrator.

Setting up SSO in Juniper Websites (Microsoft Azure Active Directory)

  1. Select Settings from the Website tab.
  2. Select Website Settings.
  3. Scroll down and select Single Sign-on:
  4. Select Azure AD for What single sign on provider should the website use?.
  5. Enter the Client ID, Tenant ID and Client Secret from Azure.
  6. Optionally, add your Domain for logging in.
  7. When prompted select Authorise access to Azure AD and follow the authorisation process.
  8. After authorisation use Add/Remove Links to align your Azure Active Directory groups to the Security Roles within your Juniper Websites CMS.
  9. You can Enable Single Sign-On, choosing how you will allow users to log in to the website.
  10. Select Save to complete the set-up.

Setting up SSO in Juniper Websites (Google Workspace)

  1. Select Settings from the Website tab.
  2. Select Website Settings.
  3. Scroll down and select Single Sign-on:
  4. Select G Suite for What single sign on provider should the website use?.
  5. Enter your Client ID, Client Secret, and the Google Workspace Domain.
  6. Select Save.
  7. When prompted select Authorise access to G Suite and follow the authorisation process.
  8. After authorisation use Add/Remove Links to align your Google Workspace Directory groups to the Security Roles within your Juniper Websites CMS.
  9. You can Enable Single Sign-On, choosing how you will allow users to log in to the website.
  10. Select Save to complete the set-up.

Updated

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request