NinjaOne - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk.
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for NinjaOne using MPAS. SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials. This integration enhances security and improves user experience across your organization.
To set up Multi-Pass with NinjaOne, ensure you meet the following requirements:
- NinjaOne admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in NinjaOne are registered in your IdP and have the necessary permissions to access NinjaOne.
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.
Ninja One - SSO configuration
Step 1 - Configure in NinjaOne (Service Provider)
- Log into NinjaOne as an Administrator.
- Browse to Administration > Accounts > Identity Provider.
- Select Configure in the top right corner.
- Under Import metadata from select URL and enter:
SP Values
| Field | Value |
|---|---|
| Entity ID (SP) | Provided in NinjaOne Configure SSO screen |
| ACS (Assertion Consumer Service URL) | Provided in NinjaOne Configure SSO screen |
Detail Setup (IdP values to enter in NinjaOne)
- IdP Entity ID
- IdP SSO URL
- IdP Metadata URL
- Binding: POST
- NameID Format: email
Step 2 - Configure in Multi-Pass (Identity Provider)
- Select the correct tenant and go to Integrations > Applications.
- Select in the custom integration section SAML.
- Complete the SAML setup with the below information.
| Field | Value |
|---|---|
| Client ID (=SP Entity ID) | Provided by NinjaOne in the Configure SSO screen |
| Name | ninjaone |
| Description | NinjaOne SSO integration |
| Assertion Consumer Service URL | Provided by NinjaOne in the Configure SSO screen |
| NameID Policy Format |
- Click Add integration.
- Now on the left of your screen, click on "advanced console"
- Click on Client
- Use the search bar to find the application you just created and then click on it. and make sure the fields are completed :
General settings
| Field | Value |
|---|---|
| Client ID | Provided by NinjaOne in the Configure SSO screen |
| Name | ninjaone |
| Description | NinjaOne SSO integration |
| Always display in UI | ON |
Access settings
| Field | Value |
|---|---|
| Home URL (IdP-initiated) | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml/clients/<APP_NAME> |
| Valid Redirect URIs (ACS) | Provided by NinjaOne in the Configure SSO screen |
| IDP-Initiated SSO URL Name | <APP_NAME> |
SAML Capabilities
| Setting | Value |
|---|---|
| Name ID Format | |
| Force Name ID Format | ON |
| Force POST Binding | ON |
| Include AuthnStatement | ON |
Signature & Encryption
| Setting | Value |
|---|---|
| Sign Documents | OFF |
| Sign Assertions | ON |
Step 3 - Testing Multi-Pass to NinjaOne
- In NinjaOne navigate to Administration > Accounts > Technicians.
- Locate an account to test with and select More and then Edit from the drop down list.
- In the Technician Editor under the General section, select the Security tab. From the Authentication Type drop-down list, choose Single Sign-On. Save the changes.
- Test a SSO by clicking the NinjaOne icon in Multi-Pass with the test user logged into Multi-Pass.
Related Articles
SAML SSO Integration Guide
This guide provides an overview of how to configure SAML Single Sign-On (SSO) between Multi-Pass and a third-party Service Provider (SP). Multi-Pass acts as the Identity Provider (IdP) in this federation model. Multi-Pass is working on SCIM support ...D2L Brightspace - SSO Integration
This application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a step-by-step guide to ...Mulesoft - SSO Integration
This application has been formally tested by Kelvin Zero Inc. This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Mulesoft using Multi-Pass. SSO simplifies user authentication by allowing access to multiple ...Notion - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...Heap - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...