SuperOps - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for SuperOps using MPAS. SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials. This integration enhances security and improves user experience across your organization.
To set up Multi-Pass with SuperOps, ensure you meet the following requirements:
- SuperOps admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in SuperOps are registered in your IdP and have the necessary permissions to access SuperOps.
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.
SuperOps - SSO configuration
Step 1 – Get Required Information from SuperOps
- Log in to your SuperOps dashboard.
- On the left menu, click the Settings icon (gear symbol).
- Scroll down to Security Management, then click on Technician Login.
- Click on the SSO option to begin setup.
- Copy the Consumer Service URL displayed, you’ll need this in Multi-Pass.
SuperOps requires the following user attributes: firstname, lastname, and email.
Step 2 – Create a SAML Client in Multi-Pass
- Open Multi-Pass Dashboard
- Log in and select your deployment.
- In the left menu, click on Advanced Console.
- Click on Clients, then click Create client.
- Complete the following fields :
| Field | Value |
|---|---|
| Client Type | SAML |
| Client ID | https://superops.ai |
| Name | superops |
| Description | SSO integration test |
| Always Display in UI | ON |
- Then click Next and complete the fields below:
| Field | Value |
|---|---|
| Home URL | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml/clients/superops |
| Valid Redirect URIs | Consumer Service URL from SuperOps |
| IDP-Initiated SSO URL Name | superops |
- Make sure that the configuration is completed, in the settings tab :
| Setting | Value |
|---|---|
| Name ID Format | |
| Force Name ID Format | ON |
| Sign Documents | OFF |
| Sign Assertions | ON |
- Go on the keys tab :
- Client Signature Required = OFF
- Encrypt Assertions = OFF
- Go to the Advanced tab
- Assertion Consumer Service POST Binding URL = Consumer URL from SuperOps
Step 3 – Create User Attribute Mappers
- Go to Client Scopes, select the associated scope.
- Click on Add Mapper > By Configuration > User Attribute.
- Complete the fields for each required attribute: email, firstname, lastname.
Example for
email:| Field | Value |
|---|---|
| Name | |
| User Attribute | |
| Friendly Name | |
| SAML Attribute Name | email |
- Repeat for firstname and lastname.
Step 4 – Collect the x.509 Certificate
- In the left menu, go to Realm Settings.
- Open the Keys tab.
- Find the line labeled RS256, then click Certificate.
- Copy the certificate content and paste it into SuperOps.
Step 5 – Finalize SSO Setup in SuperOps
| Field | Value |
|---|---|
| IDP Login URL | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml |
| Certificate | Paste the full x.509 certificate |
| Logout URL | Optional |
- Click Save and log out — then test passwordless authentication to SuperOps using Multi-Pass
Related Articles
SAML SSO Integration Guide
This guide provides an overview of how to configure SAML Single Sign-On (SSO) between Multi-Pass and a third-party Service Provider (SP). Multi-Pass acts as the Identity Provider (IdP) in this federation model. Multi-Pass is working on SCIM support ...Rocket.chat - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Rocket.chat using MPAS. SSO simplifies user authentication by allowing access to multiple ...ConnectWise - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for ConnectWise using MPAS. SSO simplifies user authentication by allowing access to multiple ...Auvik - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Auvik using MPAS. SSO simplifies user authentication by allowing access to multiple ...HaloPSA - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for HaloPSA using MPAS. SSO simplifies user authentication by allowing access to multiple ...