External single-sign on identity provider

Depending on how your tenant was set up during provisioning, users who access your website from a third-party website can be automatically signed in to your website.

To use this functionality, you must use an external IDP server to manage authentication for your Rhythm websites and for the third-party websites. To configure your Rhythm tenant to point to the external IDP server, contact an Infor representative.

If you use an external IDP that is not ADFS 3.0 compliant, an Infor representative can specify the IDP URL to authenticate user credentials when users attempt to directly access web pages that require users to be signed in to the website. The Infor representative specifies the IDP URL in the Single Sign-on URL Override field that is located in the SSO External section of the Control Panel. If the IDP is ADFS 3.0-compliant, the field should be left blank.

The method for setting up single sign-on depends upon the Rhythm suite. For example, if you are using , then you must manually create users in both and the IDP server to enable single sign-on. See the user guides for your Rhythm suite for more information.

If you are using Rhythm Portal as a stand-alone product and the user is accessing your Rhythm website for the first time, the credentials that the user specified to sign in to the third-party site are used to create credentials for your website. If the user has accessed your website before, the user is signed in with existing credentials.