Before you get started
The following document provides the information needed to set up SSO between LUCCA solutions and an authentication system using the CAS protocol.
Step 1: Creating the configuration in Lucca
This operation must be performed by an administrator or a user with access to the "Authentication and SSO parameters" module.
1. Activate the appropriate authentication method depending on the protocol (OAuth 2.0, SAML 2.0, ...) and your IdP.
2. Get a range of information in the “Lucca service provider information” section. In this example, it is a SAML 2.0 protocol, but it is applicable for other protocols:
- Your connection URL;
- Your response URL;
- Your metadata URL (SAML2.0 only);
- Your Lucca identifier (SAML2.0 only).
Step 2: Integration
https://login.ilucca.net/sso-v2/signon/callback/00000000-0000-0000-0000-000000000000
This involves authorizing LUCCA within your CAS authentication system by integrating the URL supplied to you.
Step 3: Setting up LUCCA
Once the configuration has been completed in your management interface, you need to return to Lucca's authentication parameters to enter the following information:
- the public URL for access to your CAS authentication system
- the LUCCA field corresponding to the user identifier sent in the CAS token: email address or login
Once this information has been entered and saved, you can activate the SSO connection as soon as you are ready:
Once the login via SSO has been activated, you can prevent employees from accessing the Lucca login page with their Lucca login and a personalized password, by deactivating the "Lucca login/password connection” option.