Get the SSO URL
To configure an SSO in your IDP, you will need the URL that is used during the SAML authentication process. The SAML requests are sent to the API service, so you should use the API domain that you have configured for your installation. The SSO URL will have the following format:api-app.cognigy.ai
. The organization-id
is the id
of your organization within Cognigy.AI. You can get your organisationId
on the My Profile page by clicking Get the SLO URL
Single Logout is only supported with OneLogin and Microsoft Azure Active Directory:
- Service Provider initiated Single Logout is only supported with Microsoft Azure Active Directory.
- IDP initiated Single Logout is only supported with OneLogin.
app.cognigy.ai
.
Learn more about connecting to your proffered SSO provider in Cognigy Help Center.
Change an SSO Configuration in Cognigy.AI
You can have only one SSO configuration for your organization. If you want to change the configuration, you first need to delete it and create a new one. To delete an SSO configuration, send aPOST
request to:
Enforce Login with SSO
Enforcing login with SSO can be useful to standardize the authentication process and meet security standards within your Cognigy.AI installation. By default, you can log in to Cognigy.AI with your credentials or with SSO. However, you can enforce login with SSO for all users across either all organizations or specific ones within your installation. In this case, users can only log in with SSO. To enforce login with SSO, proceed as follows:- For shared SaaS installations, contact Cognigy technical support. If you use your credentials to log in, you receive an error message. To log in, enter your email address and click Sign in with SSO.
- For dedicated SaaS installations, contact Cognigy technical support. You can enforce login with SSO for:
- The entire Cognigy.AI installation — the login with credentials is deactivated for all users. To log in, enter your email address on the login page and click Sign in with SSO.
- Specific organizations — if you use your credentials to log in, you receive an error message. To log in, enter your email address on the login page and click Sign in with SSO.
- For on-premises installations, you can enforce login with SSO for:
- The entire Cognigy.AI installation — set the
DEACTIVATE_NON_SSO_LOGIN
feature flag totrue
. The login with credentials is deactivated for all users. To log in, enter your email address on the login page and click Sign in with SSO. - Specific organizations — set the
DEACTIVATE_NON_SSO_LOGIN
feature flag tofalse
and assign theorganization-id
to theDEACTIVATE_NON_SSO_LOGIN_ORG_WHITELIST
environment variable invalues.yml
. If you use your credentials to log in to the organizations listed inDEACTIVATE_NON_SSO_LOGIN_ORG_WHITELIST
, you receive an error message. To log in, enter your email address on the login page and click Sign in with SSO.
- The entire Cognigy.AI installation — set the
Log in with SSO
First time login
First time login
During the first login with SSO, you need to log in using your IDP credentials. Cognigy.AI redirects you to your configured IDP. You need to enter your IDP credentials to complete the login.
- Log in with Optional SSO
- Log in with Enforced SSO
- Go to the login page and click Login with SSO.
- Enter your email in the E-Mail field.
- Click Login with SSO.
- Click Sign in with SSO.
More Information
- Help Center articles: