#Article-1834584685
--- FR ---
⚙ > /FlowFitTMS/#/authentification
Cette page de configuration permet de gérer le type d'authentification requis pour accéder aux portails FlowFit, notamment si vous souhaitez utiliser le SSO (Single Sign On), mots de passe, Active Directory, SAML, ADFS, etc. pour chaque portail.
Vous pouvez définir la liste des domaines d'adresses électroniques autorisées à s’enregistrer et à accéder à FlowFit.
Pour autoriser toutes les adresses électroniques, laissez le champ vide. Vous pouvez également décider du nombre de tentatives de connexion à autoriser, du niveau de sécurité du mot de passe, du nombre de jours avant l'expiration du mot de passe et du nombre de mots de passe dans l'historique.
Comment configurer l'authentification par défaut du portail client
Allez sous ⚙ > /FlowFitTMS/#/authentification
Cliquez sur l'onglet Portail client.
Cliquez sur Ajouter.
Description : Saisissez la description de la configuration de l'authentification.
Mode par défaut : Si un utilisateur se connecte au portail Client sans faire partie d'un groupe Client, cette configuration sera utilisée par défaut.
Mode d'authentification : Selon l'option sélectionnée, des champs spécifiques seront affichés.
Cliquez sur SAUVEGARDER.
Définissez ce mode d’authentification comme étant celui par Défaut avant de créer d’autres modes, si nécessaire.
Vous pouvez maintenant associer un mode d'authentification spécifique du portail Client à un Client spécifique.
Comment configurer des modes d’authentification multiples pour le portail client
Si aucun mode d’authentification n’est configuré dans un profil Client, alors le mode par Défaut sera appliqué.
Allez sous /FlowFitTMS/#/Clients.
Double-cliquez sur le profil Client désiré.
Cliquez sur EDITER dans le coin supérieur gauche.
Allez dans l'onglet Informations générales.
Localisez la section Portail client.
Entrez l’URL du portail client contenant la clé d’authentification unique du Client, si applicable.
Cliquez sur SAUVEGARDER.
Comment configurer une authentification SSO hybride
Vous pouvez autoriser les linguistes internes à utiliser l'authentification SSO pour se connecter au portail FlowFit Provider, tout en permettant aux prestataires externes de se connecter avec leurs propres adresses courriel et mot de passe dans ⚙ > Sécurité > Authentification > Fournisseurs.
Par exemple, si l'authentification SAML est configurée pour les utilisateurs de *@yourcompany.com, veillez à ajouter le domaine *@yourcompany.com dans le champ Utiliser SAML uniquement sur ce domaine.
Ainsi, lorsqu'ils atteindront la page de connexion du portail Provider, tous les utilisateurs internes ayant une adresse électronique *@yourcompany.com seront automatiquement redirigés vers la page de connexion SAML.
Les utilisateurs externes dont l'adresse électronique contient un autre domaine (par exemple *@gmail.com) accéderont à la page de connexion habituelle et se connecteront avec leur propre adresse électronique et leur mot de passe.
--- EN ---
⚙ > /FlowFitTMS/#/authentication
This configuration page lets you manage the type of authentication required to log in to FlowFit portals, especially if you wish to use SSO (Single Sign On): passwords, Active Directory, SAML, ADFS, etc., for each portal.
You can create a list of email domains authorized to register to and access FlowFit.
To allow all email addresses, leave the field blank. You can also decide the number of connection attempts to allow, the password security level, the number of days before password expiration, and the number of passwords in history.
What are the different authentication options
Important note:
Please ask your IT department to be put in touch with the Consoltec tech. team to help you understand and configure the different ‘’Log in’’ VS. ‘’Registration’’ methods to access the 3 FlowFit portals (especially the Client portal).
Here are some preparatory questions you are encouraged to review internally within admin users, and with your IT/security department.
Client portal login options for requesters:
https://MYCOMPANY.flowfitservices.com/FlowFitClient/account/login
Current system VS. new FlowFit system login preferences
How do requesters currently log into your system? Do you have the same preferences?
Or, do you want to explore new options?FlowFit Client portal Login page:
Would you like requesters to log in to the Client portal using their email address and a password they can reset with FlowFit ?
Or, would you like them to log in using SSO, SAML, Active Directory or other automated methods controlled by your company?Same/different email domains:
Do your requesters all have the same email address domain (for ex: xxx@company.com), or do they have 2 or more (for ex. xxx@companybranchAlpha.ca, xxx@departmentBeta.fr, etc.)
My request view:
Once logged in, do you want to allow requesters to view only the requests they have created ?
Or, do you want to allow them to see all the requester from their Client and/or Department group?
New request form:
Once logged in, do you want to allow requesters to change their Client and/or Department group when submitting a request? Or, do you want to avoid showing a drop-down menu of all Clients and Departments ?
Client portal registration options for requesters:
https://MYCOMPANY.flowfitservices.com/FlowFitClient/account/register
Current system VS. new FlowFit system registration preferences
How do your requester currently register to your system? Do you want to copy the current way?
Or, do you want to explore new options?Would you like to allow new requesters to create their account themselves?
Or, do you want to block this option and have PMs or admins create new requester’s accounts?Except for their first name, last name, Client and/or Department and email address, is there any other information which should be retrieved in the requester’s profiles (for ex. user ID, phone number, etc.) ?
Do you want to allow new requesters to choose from a predefined list, the Client and/or Department they belong to?
Or, do you want their Client and Department group to be recognized automatically?Are you able to involve a few requesters during your test phase, to ensure they can successfully create an account?
How to configure a Client portal default authentication mode
Go to ⚙ > /FlowFitTMS/#/authentication
Click on the Client portal tab.
Click on Add.
Description: Enter the authentication configuration description.
Default Mode: If a user log in to the Client Portal without being part of a Client group, this configuration will be used as default.
Authentication Mode: Depending on which option is selected, specific fields will be displayed.
Click on SAVE.
Define this authentication mode as the Default one prior to creating other ones, if needed.
You can now pair up a specific Client portal authentication mode with a specific Client.
How to configure client portal multi-authentication modes
If no authentication mode is configured within a Client profile, the default mode will be applied.
Go to /FlowFitTMS/#/Clients
Double-click on the desired Client profile
Click on EDIT in the top-left corner
Go to the General information tab.
Locate the Client portal section.
Select the applicable Client portal authentication configuration in the drop-down list.
Input the Client unique authentication key Client portal URL, if applicable.
Click on SAVE.
How to configure a hybrid SSO authentication
You can allow internal linguists to use the SSO authentication to log in to the FlowFit Provider portal, while allowing external providers to log in with their own email addresses and password in ⚙ > Security > Authentication > Provider.
For example, if the SAML authentication is configured for users of *@yourcompany.com, make sure to add the *@yourcompany.com domain in the Use SAML only on this domain field.
This way, when reaching the Provider portal log in page, all internal users with a *@yourcompany.com email address will be automatically redirected to the SAML login page.
External users with any other domain in their email address (such as *@gmail.com) will access the regular login page and will log in with their own email and password.