You can now add additional login methods to your Memtime Premium account
Memtime Premium accounts and above now have the possibility to enter login methods other than regular credentials, such as email and password.
If you want to have this option, but you have a Basic or Connect account, you can upgrade from your Customer Portal. In this article, you will find a step-by-step guide.
This option must be configured by the account admin and provides different procedures, depending on the login method to be added. However, regardless of the identity provider you choose, the login process will always be the same, being a redirect.
The first step to be able to configure login options is to enable them.
To do this, the user must access his Customer Portal > Account settings.
By default, the login method is e-mail and password. At this point, it is also possible to enable access with a Google account:
To enable other SAML methods, the user must access Customer Portal > Login Methods > Add SAML > Select the desired SAML provider:
How to set up Google as Login Method
1. First, select the "Google" option in Customer Portal > Account Settings:
2. Once "Google" has been enabled, it will be displayed as an available option in Customer Portal > Login Methods:
3. Clicking the "Set up" button will open a pop-up window prompting the user to either enter an e-mail address and password, or to select an existing Google account:
4. When the desired option has been selected, the pop-up window will close by itself and the Login Method will be added to the list of "Active Login Methods" in the Customer Portal > Login Methods:
From this moment on, this method can be used by the user to login.
How to set up SAML Based Login Methods
For all these methods, the first step is to go to Customer Portal > Login Methods, and select "Add SAML". From here, the procedure will be different depending on the identity provider selected.
Entra ID
1. After clicking on "Add SAML", the "Enter ID" option must be selected:
2. The modal configuration will then be requested.
For Entra ID, all fields are required.
To configure Entra ID from scratch and obtain the data for the modal configuration, the admin user who does so must follow these steps.
a. Log in to Microsoft Azure > Microsoft Entra ID.
b. In Microsoft Entra ID > Enterprise Applications, a new application must be created to integrate with Memtime.
c. Click on "Set up single sign on".
d. At this point, you must enter the first section, "1. Basic SAML Configuration" where after clicking on "Edit" you will be able to paste a Reply URL you will find in the pop-up of Memtime's Customer Portal:
e. The rest of the required information can also be found in Microsoft Azure > Microsoft Entra ID > Enterprise Applications > the application that has been created > Set up single sign on > 3. SAML Certificates. Specifically, you will find the App Federation Metadata URL, as well as the Federation Metadata XML.
The PEM Certificate and the Raw Certificate can be found by clicking on the Edit button, and then on the three dots:
f. Once all fields have been completed in the Memtime pop-up, the information can be saved by clicking on "Save".
From this moment on, Entra ID will appear as an available Login Method.
The user will then be able to click on "Set up" and another pop-up window will ask for Microsoft credentials, giving the user the option to request either a user or enter an email address and password.
By default, Entra ID, makes available a number of attributes, referred to as “claims” in the reply our backend receives when someone logs in with this login method. Admins configuring Entra ID must ensure these attributes are left untouched and that they are available to us; this can be done by them by simply verifying that the attributes in 2. Attributes and Claims are displayed in their configuration.
Other SAML Providers
To add other SAML Providers as additional login methods, the process is usually easier, as less information is required. To enable them, the admin must access Customer Portal > Login Methods > Add SAML > Other SAML Provider:
Okta
A good example is Okta. In its case, only the App Federation Metadata URL, and the Federation Metadata XML are required:
To find them, the user must go to Okta > Applications > Sign On > Metadata URL.
This URL should be pasted as App Federation Metadata URL.
To obtain the XML, you must go to the link, save the Metadata and then upload it as Federation Metadata XML.
Once all fields have been completed in the Memtime pop-up, the information can be saved by clicking on "Save". The user will then be able to click on "Set up" and another pop-up window will ask for the credentials, giving the user the option to request either a user or enter an email address and password.
Auth0
On the other hand, Auth0 is usually the simplest method to configure, as it only requires the Reply URL.
To connect this method, follow the steps described above (i.e. Customer Portal > Login Methods > Add SAML > Other SAML Provider). Here, you can copy the Reply URL, and once you have it:
- Log in to Auth0 Dashboard.
- Go to Applications and select your application. In case you have not created it yet, you can do it now.
- Scroll to "Application URLs" and find "Allowed Callback URLs."
- Add your Reply URL(s) in this field.
- Click "Save Changes."
Once this is done, you can go back to the Memtime Customer Portal and you will find Auth0 as Login Method. Click on "Set up" to enter your credentials, and you are ready to use it!
Other SAML Providers
To add other SAML Providers, you will also be prompted for the Reply URL. If you have problems adding them as additional login methods, please reach out to our support team.
Whichever Login Method you have chosen to add, you can enable or disable it from Customer Portal > Account Settings:
Depending on the options that have been selected, the user will see one or the other at the time of Login.