Release Notes - 201720 - Single Sign On - Sprint 1
Release | 201720 - Single Sign On - Sprint 1 |
Release
Date | Sept 2017 |
1. Summary
Single sign on will be added to the ClearMatch
application. The concept is to have one level of authentication not only for
all the sections of the application but also allow finance companies to make
use of their own company authentication for the purpose of authenticating users
into the ClearMatch application. The result of this will be that companies will
not need to have separate login credentials for their users to access Clearmatch.
Users will be able to use their company credentials.
2. Take
Note Of
- No new portal content blocks that have been added
that require personalisation.
- New security permissions that have been added
that need to be assigned to user groups to allow access.
- The following articleswill assist:
- If a finance company uses office 265 and would like to make use of the
single sign on, which we recommend, they will need to setup active
directory on their Office 365 account. See https://wiki.clearmatch.co/portal/kb/articles/office-365-sso-azure-ad-authentication-with-openid-connect
.
- To link the Clearmatch system user account to atcive directory - Single
Sign On - Linking Active Directory to Clearmatch Fusion Account
- How to use single sign on - Single
Sign On - Logging into ClearMatch Fusion with your Active Directory Account
- Authorisation code - Creating
or Changing an Authorisation Code
3. Release Details
Single
Sign In Using OpenId | |
| Finance company users can sign into
Clearmatch using the OpenId. For details on what OpenId is see http://openid.net/what-is-openid/ The sign in page will have the
following options: Access the sign on page with no
“providers” This option will be used by finance
companies that do not use OpenId for authentication and will continue to
login to Clearmatch using the Clearmatch username and password. In order to
do this the url to access clearmatch sign in will be https://fusion.clearmatch.co/ Access the sign in page and have
specific provider options available This option will be used by finance
companies that do use OpenId for authentication and would like to have the
option of using their company authentication as well as allowing users to
enter a username and password. This becomes useful in instances where a
finance company has auditors that come in or perhaps another company that
does their collections etc and they want these users to use a username and
password but for their company users they want to allow them to easily use
their company authentication. In order to do this the url to access
clearmatch sign in will be https://fusion.clearmatch.co/?provider=XXX XXX being the provider name Login directly into a provider without
displaying the sign on page This option will be used by finance
companies that do use OpenId for authentication and would like to log
directly into ClearMatch without displaying the Clearmatch sign in page. In
order to do this the url to access clearmatch sign in will be https://fusion.clearmatch.co/?provider=XXX&skip=1 |
Authorisation
of tasks in Clearmatch | |
| An authorisation code will be added to
the system users. This code will be used by users when they need to authorise
an action in the application. This replaces the need to supply a password for
users and supervisors. |
On
portal - even if member security permission does allow bidding, can still see
bidding menu | |
| - go to member security permission |
help
message used twice on app page | |
| On step 3 of application page the help
message on the “other income” and the “partners income” is referencing the
same message |
4. Data
Warehouse
| | |
| | |
5. Portal
Content (Content Blocks, Validation Messages, Help Messages)
The
following content, help and validation messages have been added and need to be personalised.
TypeName | Content | Key Name | Page Name |
HelpMessage | empty | ht_raise_partnerincome | Unsecured Loan Application |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
6. Security
Settings Added
The
following new security permissions are available and need to be assigned to the
correct user groups to enable access.
REMEMBER DO NOT ASSIGN ANY DELETE PERMISSIONS TO ANY
USER GROUPS
Permission Type | Class Name | Can Create | Can Delete | Can Read | Can Update |
Class | ExternalLogin | 1 | 0 | 1 | 1 |
Method Access
Permission
Type | Class
Name | Method
Name |
ClearMatchSystemUser | AddExternalLogin | |
Method | ClearMatchSystemUser | UpdateAuthorisationCode |
7. Documents
To Reference
Title |
Single sign
on Task Breakdown.doc |
Related Articles
Release Notes - 201720 - Single Sign On - Sprint 2
Click here to view the release notesRelease Notes - 201704 - Saint Bernard (revalue of settled accounts) - Sprint 1
Click here to view release notes.Release Notes - Payment Holiday
Click here to view the release notes.Release Notes - 201715 - Pangolin
Click here to view the release notes.Release Notes - 201841 - Matamata
Click here to view the release notes.