Single Sign On Implementation Instructions
Single Sign On (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., username and password) to access multiple applications. The service authenticates the end user for all the applications the user has been given rights to and eliminates further prompts when the user switches applications during the same session.
The following instructions describe the process involved in the rollout of Single Sign On to your organization. Note that this process involves activities on the part of both PG Calc and your organization. If you have any questions, please contact PG Calc Client Services at 888-474-2252 or support@pgcalc.com.
- Client reviews this document and prepares any questions.
- PG Calc schedules kick-off meeting to review the SSO implementation process with the client.
- Client communicates to PG Calc the nature, facilities, and extent of testing if required prior to SSO go live.
- Client and PG Calc exchanged meta data files (.xml format) containing relevant SSO meta data, as well as respective PG Calc and client encryption certificates.
- Client, acting as Identification Provider (IdP) for their environment, must ensure that IdP identifiers match individual user names in GiftWrap. If that is not the case, and the client chooses to change existing GiftWrap user names, the client must contact PG Calc.
- PG Calc will enable SSO for the client in the GiftWrap system application.
- PG Calc and client select a go-live date for SSO.
- Client will enable SSO for each user configured in GiftWrap. PG Calc Client Services can help with this process.
- PG Calc schedules a go-live meeting to confirm successful operaton of single sign on.
Once SSO has been implemented, GiftWrap users will be able to login into the application through the standard organization IdP, similar to the manner in which users log into all other applications listed in the organization's portal.
Two-Factor Authentication Implementation Instructions
Two-Factor Authentication (2FA) is a security protocol used to enhance the typical application login based on username and password. When implemented, 2FA requires that a user login by providing a username and password, as well as an authentication code that is received by the user via phone, hardware token, or landline, and communicated to GiftWrap. Note that 2FA can be implemented on a stand-alone basis, or in conjunction with Single Sign On.
The following steps are required in the rollout of Two-Factor Authentication to your organization. Note that this process involves activities on the part of both PG Calc and your organization. If you have any questions, please contact PG Calc Client Services at 888-474-2252 or support@pgcalc.com.
- Client reviews this document and prepares any questions.
- PG Calc schedules kick-off meeting to review the 2FA implementation process with the client.
- PG Calc configures the Client for two-factor authentication, and the periodicity of required authentication, as specified by the client, in the GiftWrap system app. Note that Two-Factor Authentication licenses are activated on a per-user basis. As such, the total number of concurrent Two-Factor Authentication logins are limited by the total number of 2FA licenses purchased by your organization.
- Client activates Two-Factor Authentication support for each desired user within their GiftWrap user accounts.
- Client sets up each user following procedures associated with the authentication device selected for each user (smart phone, land line, text, hardware token/fob).
Once the steps above have been implemented, Two-Factor Authentication is activated, and will apply for each configured user.
