DOMO - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Domo using MPAS. SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials. This integration enhances security and improves user experience across your organization.
To set up Multi-Pass with Domo, ensure you meet the following requirements:
- Domo admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in Domo are registered in your IdP and have the necessary permissions to access Domo.
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.
DOMO - SSO configuration
Step 1 - Configure Multi-Pass as the Identity Provider (IdP)
- Select the correct tenant and go to Integrations, click on Applications
- Select in the custom integration section SAML
- Complete the SAML setup with the information below :
| Field | Value |
|---|---|
| Client ID (=SP Entity ID) | https://<DOMO_SUBDOMAIN>.domo.com |
| Name | domo |
| Description | Domo SSO integration |
| Assertion Consumer Service URL | https://<DOMO_SUBDOMAIN>.domo.com/auth/saml |
| NameID Policy Format | email |
- Select Download Tenant Certificate and save the file locally
- Click add integration
- Click Advanced Console
- Click Clients and search for Domo
- Make sure that the following fields are well completed :
General settings (Multi-Pass)
| Field | Value |
|---|---|
| Client ID | https://<DOMO_SUBDOMAIN>.domo.com |
| Name | Domo |
| Description | Domo SSO integration |
| Always display in UI | ON |
Access settings (Multi-Pass)
| Field | Value |
|---|---|
| Home URL (IdP-initiated) | https://ca.auth.kzero.com/realms/<TENANT_NAME> |
| Valid Redirect URIs (ACS) | https://<DOMO_SUBDOMAIN>.domo.com/auth/saml |
| IDP-Initiated SSO URL Name | <APP_NAME> |
SAML Capabilities
| Setting | Value |
|---|---|
| Name ID Format | |
| Force Name ID Format | ON |
| Force POST Binding | ON |
| Include AuthnStatement | ON |
Signature & Encryption
| Setting | Value |
|---|---|
| Sign Documents | ON |
| Sign Assertions | ON |
- Now that you have checked the different parameters, change to the tab called “Keys”.
- Make sure that both parameters are switched to OFF.
- Now go to the “Advanced” tab.
- The field “Assertion Consumer Service POST Binding URL” must equal the Valid Redirect URIs (ACS).
Step 2 - Configure Domo as the Service Provider (SP)
- Log into Domo as an Administrator
- Click the wrench on the left side menu and select Single Sign On (SSO) under Authentication
- Under Configuration select Configure beside SAML
- Select Manual Entry
- Fill in the IdP Endpoint URL and Entity ID based on the table below :
| Setting | Value |
|---|---|
| Identity Provider Endpoint URL | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml |
| Entity ID | https://ca.auth.kzero.com/realms/<TENANT_NAME> |
- Upload the Multi-Pass Certificate
- Select Allowed (all domains) under Just-in-time user provisioning
- Select SSO (Domo auth screen) under User login experience
- Check the box beside Sign authentication requests
- Click Save and Enable
Step 3 - Testing Multi-Pass to Domo
- Navigate to your Domo login page
- Click Sign in and you will be redirected to Multi-Pass for authentication
- Complete the authentication and access Domo
Related Articles
Mulesoft - SSO Integration
This application has been formally tested by Kelvin Zero Inc. This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Mulesoft using Multi-Pass. SSO simplifies user authentication by allowing access to multiple ...SAML SSO Integration Guide
This guide provides an overview of how to configure SAML Single Sign-On (SSO) between Multi-Pass and a third-party Service Provider (SP). Multi-Pass acts as the Identity Provider (IdP) in this federation model. Multi-Pass is working on SCIM support ...Zoho One - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Zoho One using MPAS. SSO simplifies user authentication by allowing access to multiple ...D2L Brightspace - SSO Integration
This application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a step-by-step guide to ...Vanta - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Vanta using MPAS. SSO simplifies user authentication by allowing access to multiple ...