Remedyforce Integration: Enable Remedyforce single sign on (SSO) using free OneLogin starter plan

By Kedar Zavar, Senior Consultant, Cloudaction    

What is OneLogin?

OneLogin is a cloud-based identity management solution that provides single sign on (SSO) capabilities to allow users to log in to their cloud-based applications using their employee corporate credentials. SSO from OneLogin provides benefits to users and to IT. For users, they don’t need to remember various credentials; for IT, your support staff can manage multiple apps though OneLogin, provision and de-provision users in real time, create and enforce security policies, and more.

Why OneLogin for Remedyforce

For Remedyforce users, the OneLogin SSO integration provides a wealth of advantages:

  • Remedyforce customers can get a free OneLogin for Remedyforce SSO plan.
  • Real-time directory integration and synchronization
  • It’s easy to set-up, configure and enable Remedyforce SSO.
  • Supports easy provisioning and de-provisioning of users with entitlements
  • Available multifactor authentication for added security
  • Integrated desktop SSO and mobile integration
  • Reduces administrator effort to maintain and manage users in Remedyforce
  • Options like “Forgot password” and “reset password” enhance customer satisfaction and promote self-service
  • Advanced feature like bidirectional synchronization is available
  • OneLogin premium support is available
  • Single console for multiple cloud apps like Office 365, Workday, Dropbox, and Google apps
  • SAML-enabled and pre-integrated with more than 4,000 commonly used applications
  • Centralize audit trails and SOX compliant (here’s a link to all of our certifications)
  • 99.9% uptime guaranteed
  • No firewall changes and in-house infrastructure required to enable Remedyforce SSO

Remedyforce Integration with OneLogin

That’s quite a laundry list, so let’s take a moment to focus on what I consider some of the key “can’t miss” OneLogin features for Remedyforce administrators and the users they support.

  • It’s free! Through Remedyforce’s partnership agreement with OneLogin, there is a free OneLogin for Remedyforce plan.
  • SSO and real-time directory synchronization. One of the important aspects of Remedyforce onboarding is user management and synchronization of users from Active Directory (AD) and Lightweight Directory Access Protocol (LDAP). Some companies also prefer SSO options, which makes it very simple for users to access Remedyforce self-service or for analysts to work on tickets. OneLogin uses SAML 2.0 to sign users into BMC Remedyforce and other BMC Software applications. The standards-based SAML protocol uses digital signatures to establish trust between the identity provider and the application, eliminating user- managed passwords and the risk of phishing.
  • Easy to use, configure and set up. While there are other available SSO options, such as Pentaho, OneLogin can do this without extra overhead and the setup is quick and simple. OneLogin is pre-integrated via SAML with a wide range of enterprise applications, including Salesforce. The entire OneLogin setup process time for Remedyforce is less than a day, making it one of the fastest ways to give your Remedyforce users SSO, and later you can integrate OneLogin SSO your cloud app ecosystem. You can also test this in you sandbox as part of UAT.

  • AD connector. OneLogin also has an AD connector that can be easily installed by downloading a Windows executable that deploys the Connector as a Windows service. The AD Connector establishes a secure, outbound SSL connection to OneLogin that it will keep up at all times. You can browse through virtual trees of OUs and import one or more subtrees into OneLogin. OneLogin sends a delegated authentication request to the AD Connector, which in turn validates the user’s credentials against AD. You can browse through virtual trees of OUs and import one or more subtrees into OneLogin as per need. OneLogin sends a delegated authentication request to the AD Connector, which in turn validates the user’s credentials against AD.
  • User provisioning and attributes. OneLogin supports multiple user attributes out-of-the-box such as First Name, Last Name, Alias, Company, Department, Division, Extension, Fax #, Federation ID, Locale, Permission Sets, Phone #, Profiles, Roles, Time Zone, Title, User ID. What’s more, OneLogin supports custom attributes* such as a Manager Field mapping, which can be important for approvals. Setup is easy and the interface is easy to use. You can drive the user data based on security groups, and admins can manage profiles /permission sets /roles based on security groups an entitlement definitions. This provides solid flexibility to Remedyforce/Salesforce administrators without doing any custom code, Java scripting, etc. Also, there are easy activation and deactivation options; you can control or automate the syncs. Remedyforce admins have full access on setting up users and everything is real-time.
  • Mobile integration. OneLogin SSO is completely available on tablets and smart phones.
  • Branding. You can personalize the login page to match your company banding.
  • Integrated desktop SSO. OneLogin has an option of direct integrated desktop SSO allows your users to authenticate with OneLogin without having to type in a username and password. The process allows users from a specific IP address or a range of IP addresses to automatically sign into OneLogin by validating AD credentials.
  • Self-service password resets. Another great OneLogin option is self-service password resets. OneLogin provides a seamless way to synchronize password changes across AD and your OneLogin portal, as well as across web applications secured with OneLogin. When a user’s password expires in AD, the real-time connection to OneLogin respects this immediately and will prompt a user to change their password from the OneLogin sign-in page. Once the new password is confirmed, OneLogin changes the user’s password to match in AD and also provisions this out to any applications that are configured with password provisioning in OneLogin. Additionally, if a user decides they would like to change their password prior to the password expiring, they may sign into OneLogin and change their password at any time from their OneLogin portal.
  • SOX compliance. OneLogin is a SOX-compliant solution. OneLogin supports complex directory infrastructures for some of the most demanding public companies in the world. This allows Remedyforce admins to rest easy with OneLogin’s redundant data centers, redundant DNS, DDoS protection, quarterly security reviews by iSEC Partners, and 24/7 monitoring, with a 99.99% uptime guarantee.

*Note: Some features may not be part of free OneLogin for Remedyforce plan. For more details, please Ask Us NOW!

Key Takeaway

OneLogin SSO gives Remedyforce/Salesforce administrators a tremendous amount of functionality without needing to do any custom coding, Java scripting, etc. And for your users, OneLogin provides a secure SSO option that enables them to be more productive and creating more value for the business. For Remedyforce users, it’s a win-win situation. For more information about OneLogin for Remedyforce, click here.

At Cloudaction, our goal is to help you get maximum value from your Remedyforce experience. We welcome your comments and suggestions. Please don’t hesitate to contact us at 1-844-2CLOUDA (1-844-225-6832) or via Ask Us NOW!, a complimentary service from Cloudaction to provide expert answers to your product capability, functionality, and implementation questions. We promise to respond to your inquiry or question within 24 hours.