Skip to main content

[New] How to set up Single sign-on (SSO)

Updated over 2 weeks ago

This article explains the features of the new LegalOn. For information on the current version’s product features, please refer to this page.

What is Single sign-on?

Single sign-on (SSO) allows users to access multiple systems with a single set of credentials. By enabling SSO, LegalOn users can log in through their existing Identity Provider (IdP). When SSO is enabled, the authentication method changes from email address and password to authentication via your IdP. LegalOn is confirmed to integrate with the following IdPs:

  • Microsoft Entra ID (formerly Azure Active Directory)

  • Okta

SSO is also compatible with other SAML 2.0-compliant IdPs.

Requirements

  • You are subscribed to a SAML 2.0-compatible identity provider (IdP) service (e.g., Microsoft Azure)

  • Your user authority in LegalOn is IT Administrator

  • Your email address registered with the IdP is the same as the one registered with LegalOn

*Contact your IT administrator to check your subscription status.

*Contact your sales representative to apply for the SSO feature.

Set up Single sign-on (SSO)

⚠️ Notes

  • Incorrect SSO settings can lock you out of your account.

  • After enabling SSO, verify successful login by following the steps in "Testing SSO Login" in a different browser or incognito mode while the SSO settings is still open.

  • Users whose email domain matches the domain configured in the SSO settings will log in with SSO. Other email domains will use standard email/password authentication.

1. Configure SSO on the IdP side

  1. In LegalOn, navigate to [Admin settings] > [Third-party integrations] > [SSO].

  2. Copy the "Endpoint URL" and "Entity ID" and use them to configure settings within your IdP. Setup procedures vary by provider. Contact your IdP for assistance.

If the "SSO settings" menu is missing:

  • This menu is only visible to SSO subscribers.

    • If you are subscribed and do not see it, contact support.

    • If you are not a subscriber, the information will not be displayed. Contact your sales representative to apply for the SSO feature.

2. Configure SSO on the LegalOn side

  1. Obtain the following information from your IdP (configured in Step 1-(2)):

    1. Endpoint URL

    2. Public Key Certificate (X.509 Certificate)

  2. Enter the email domain and the information obtained above in the fields for "IdP's Endpoint URL (HTTP-Redirect)" and "Certificate for the public key used by the IdP for signing (X.509 Certificate)".

  3. Click [Register].

⚠️ Notes

  • For the email domain, enter the portion after the "@" symbol.

  • The "Endpoint URL" may be labeled differently by your IdP (e.g., "Login URL").

  • For the "Public Key Certificate (X.509 Certificate)," include all text from the ".pem" file, including "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----".

3. Enable SSO

  1. Navigate to [Admin settings] > [Third-party integrations] > [SSO], and turn on the toggle [Enable SSO (Single Sign-on)].


  2. Click [Activate].


SSO is now enabled. The new login method will apply upon your next login.

4. Test SSO login

  1. Go to https://app.legalontech.com/ and click "Start".

  2. Enter your email address and click [Continue].

  3. Follow the on-screen instructions from your IdP's login page.


If the LegalOn dashboard appears, SSO login is successful.

Troubleshooting

You may be returned to the login screen on your first SSO attempt. If this occurs, click "Start" and re-enter your email address.

5. Disable SSO

  1. Navigate to [Admin settings] > [Third-party integrations] > [SSO].

  2. Toggle [Enable SSO (Single Sign-on)] to the "Off" position.

  3. Click [Disable].

The change in login method will apply upon your next login. Setup is complete.

Related Articles

Did this answer your question?