SPP and Active Directory integration

Hi Daniele,

If you are logging into SPP directly as a server provider initiated login, you could set an option via Core API to ForceAsDefault one of the authentication providers for example:

Login to the SPP Core API:
https://<safeguard>/service/core/swagger

- Expand the AuthenticationProviders endpoint
- Find the ID for the Authentication Provider
GET ​/v4​/AuthenticationProviders > Gets a queryable list of authentication providers

- Set the Authentication provider ID for your AD login for example as default:
POST ​/v4​/AuthenticationProviders​/{id}​/ForceAsDefault

The description from Swagger Core API below might get you closer to a seamless login:

---

When ForceAsDefault is set to {true} on a provider, the login page will not display a drop down list of all available providers. Instead, the end user will be defaulted in to using the specified provider. Only one provider can be marked as the default at a time. When updating the specified provider, any previously set default will be cleared. <br>If a default provider is set and you need to log in using some other provider, like the Safeguard Local provider in order to log in as a local administrator user, a query string parameter can be appended to the login page URL, 'primaryProviderID', where the value is set to the 'RstsProviderId' you need. For example, "https://<safeguard>/RSTS/Login?response_type=token&redirect_uri=https%3A%2F%2F<safeguard>%2F&primaryProviderID=local". You cannot set a provider that is used for two-factor authentication as the default.<br>This functionality is only applicable to web browser based logins, not programmatic API/OAuth2 logins.

---

Thanks!

Hi Daniele,

If you are logging into SPP directly as a server provider initiated login, you could set an option via Core API to ForceAsDefault one of the authentication providers for example:

Login to the SPP Core API:
https://<safeguard>/service/core/swagger

- Expand the AuthenticationProviders endpoint
- Find the ID for the Authentication Provider
GET ​/v4​/AuthenticationProviders > Gets a queryable list of authentication providers

- Set the Authentication provider ID for your AD login for example as default:
POST ​/v4​/AuthenticationProviders​/{id}​/ForceAsDefault

The description from Swagger Core API below might get you closer to a seamless login:

---

When ForceAsDefault is set to {true} on a provider, the login page will not display a drop down list of all available providers. Instead, the end user will be defaulted in to using the specified provider. Only one provider can be marked as the default at a time. When updating the specified provider, any previously set default will be cleared. <br>If a default provider is set and you need to log in using some other provider, like the Safeguard Local provider in order to log in as a local administrator user, a query string parameter can be appended to the login page URL, 'primaryProviderID', where the value is set to the 'RstsProviderId' you need. For example, "https://<safeguard>/RSTS/Login?response_type=token&redirect_uri=https%3A%2F%2F<safeguard>%2F&primaryProviderID=local". You cannot set a provider that is used for two-factor authentication as the default.<br>This functionality is only applicable to web browser based logins, not programmatic API/OAuth2 logins.

---

Thanks!