7 Replies Latest reply on Jan 12, 2012 4:05 PM by Dan Ashton

    Single Sign-on question

    astroboi03 Journeyman



      Is it possible to implement a single sign-on functionality to automatically log-in to a third party application which will be accessed inside Ariba? We need to somehow integrate a third party web application inside ariba (via hyperlink) and when the user clicks it, it will then be automatically logged in to another web application. We're using Ariba 9r1.


      Thanks in advance. 

        • Re: Single Sign-on question
          ibah Apprentice

          Hi -


          Yes, it may be possible. I personally have not seen this implemented by anyone yet. But, I think it could be done, and the first step would most likely be to integrate the third party Web application with Ariba. Then, setup SSO with Ariba. From there, Ariba notices that organization is configured for corporate authentication and, instead of dispalying a login page, it simply does a redirect to your relay page by passing a randombly generated challenge key. It goes thru the process, and when there is a match the user is authenticated.

          1 of 1 people found this helpful
            • Re: Single Sign-on question
              ManiKant P Novice

              Hi ibah,


              could you please provide we any information related to the sso config for ariba.

              I mean any digital certificates are need to configure sso, is the sso config is using saml or not ?..


              Could you please provide any information about these.




                • Re: Single Sign-on question
                  ibah Apprentice

                  Hi Mani,


                  Yes, I can. Ariba supports both Corporate Authentication, and SAML 2.0. For Corporate Authentication Ariba requires certain information about your environment to enable Remote Authentication, and they are:


                  1. Your public RSA key if you are using Ariba Remote Relay Authentication protocol or your public certificate if you  are using Ariba SAML 2.0 HTTP Post binding protocol

                  2. The URL of your Remote Authentication Relay page, also known as your login page

                  3. The URL of a "Logout Page", which is the page that you want users to see after their sessions ends.


                  We have some very good documentation regarding Ariba corporate Authentication and SAML posted on http://connect.ariba.com along with some sample code to get you started. Just search for Ariba RemoteAuthentication.


                  Hope this helps. Let me know if you have further questions or need more information. Thanks.



              • Re: Single Sign-on question
                Dan Ashton Master

                Hi Mani,

                Yes it is possible to accomplish what you want but it is not out of the box.  You would have to build and maintain this yourself or I would suggest the assistance of Ariba Services.  You can connect with Jennifer Satterwhite jsatterwhite@ariba.com and she will point you in the right direction at Ariba.



                • Re: Single Sign-on question
                  Ryan Kingsland Apprentice

                  dashton can this be closed as answered?