Enterprise Single Sign-On
Smartling provides customers wishing to manage their users via their company’s Single Sign-On (SSO) server with two integration options.
OpenID Connect 1.0:
OpenID Connect (OIDC), is a JSON-based identity management layer built on top of the OAuth 2.0 protocol. Customers may work with Smartling engineering to integrate their OIDC service as an upstream identity provider. Once configured, customers can use their OIDC service to authenticate users to Smartling. Login is initiated using one of the flows below.
Security Assertion Markup Language 2.0:
Security Assertion Markup Language (SAML), is an XML-based standard for exchanging authentication and authorization data between security domains. Customers may work with Smartling engineering to integrate their SAML 2.0 service as an upstream identity provider. Once configured, customers can use their SAML 2.0 service to authenticate users to Smartling. Login is initiated using one of the login flows documented below.
Smartling supports two login flows for initiating login from Smartling.com services using your authentication server.
Link Based Login:
Customers who maintain an internal portal and expect users to follow links from this portal into Smartling may use our link based flow. For this flow to work, Smartling will provide a link to your account or project, such as:
Account links: https://sso.smartling.com/sso-apps/dashboard/accounts/1111111
Project links: https://sso.smartling.com/sso-apps/dashboard/accounts/1111111/projects/2222222
When following one of the links above, Smartling’s SSO server will know to use your company ODIC or SAML service for authentication. Instead of seeing the Smartling login form, the user will immediately be redirected to your login URL. When login completes on your authentication service, the user will be redirected back to Smartling and fully authenticated.
Form Based Login:
Customers who expect users to access Smartling.com services via a direct link may prefer to use our form based login flow. With form based logins, users will see the normal Smartling login form, however, they will not be required to input a password. Based on the domain configured with Smartling for SSO, the user will be redirected to your login URL. When login completes on your authentication service, the user will be redirected back to Smartling and fully authenticated. For example, if your company domain is @example.com, the authentication flow can be configured to redirect all firstname.lastname@example.org login attempts to your SSO server when the user enters credentials on Smartling’s login form. Using this flow, the password field on the Smartling login form will be ignored.
Please contact Smartling to setup SSO.