Reference Guide
Single Sign On (SSO)

User Settings to use SSO

3 min

Create a user that will connect to the target database with SSO.

In this example ssouser will connect to MSSQL with SSO
In this example ssouser will connect to MSSQL with SSO


The second password definition is required to provide authentication to the SQL Proxy when using SSO. In the Portal Functions screen, the Second Password Enabled function should be assigned to the user group that will use the SQL Proxy SSO feature.

To activate the second password use:

  1. Navigate to Portal Function > Function Group Definition > Add+ 
  2. Create a Function group that has netright.users.module.Visibility and second.password.enabled 
SSO Function Group
SSO Function Group

  • Fill in the realm name, select the SSO function group and the user group that will be using the SSO feature for SQL Proxy, and click Save. 
SSO Second Password Enabled function
SSO Second Password Enabled function


After enabling the second password for a user group, the users in that group can assign their second passwords to their accounts in the Account Settings screen.

User Profile Settings
User Profile Settings

User Profile Settings
User Profile Settings


The Second Password expiration parameter should be defined in the System Config Manager. The TTL day parameter defines the maximum use time allowed for the Second Password. 

  1. Navigate to Administration > System Config Man
  2. Add the aioc.second.password.ttl parameter with a value (in days). 

If this value is set to "-1" and “0”, the SSH Key will never expire. The TTL value can be set between -1 and 10000. 



PREVIOUS
SQL Proxy Configuration for SSO
NEXT
Device Group Configuration in SSO
Docs powered by Archbee