About Single Sign-On

To make using the ROM user interface easier for your staff, you can implement Radial's single sign-on capability.

With single sign-on, users can access the ROM user interface with their company credentials. Single sign-on also enables you to avoid password resets and unlocking users in ROM.

How It Works

In this release, single sign-on works by using your company's authentication services to verify the identity of a user. Once a user is authenticated through your company's website, ROM takes over to enable the user's roles and permissions within the ROM user interface.

ROM uses the Security Assertion Markup Language (SAML) protocol to perform this handoff.

Note: If your company uses a different protocol to manage single sign-in capabilities, Radial may be able support it. Contact your Radial representative if you require a different protocol.

The SAML protocol requires a Principal, an Identity Provider (IdP), and a Service Provider (SP).

  • The SP is the application that the user wants to access. In this case, the SP is the ROM user interface.

  • The Principal is the user of the service. In this case, the principal is the user who wants to log in to the ROM user interface.

  • The IdP is the application that authenticates the user. In this case, the IdP is the user's company and Radial client.

When a user tries to log in to the ROM user interface, the sign-on screen appears.

At the bottom of the screen, the user can enter either their company's name or their email address. When the user clicks or taps the Continue button, ROM sends a request to the user's company to authenticate the user.

The company then displays their sign-on screen and requires the user to provide their assigned credentials. If the company determines that the credentials are valid, SAML relays the authentication back to ROM. ROM then allows the user to access the ROM user interface and displays the ROM user interface Welcome screen.

Once the user is logged in, the ROM user interface appears and the user can proceed. ROM controls all the roles and associated permissions previously defined for that user.

Configuration

To set up and configure single sign-on for your organization, consult your Radial representative.