Single sign-on settings in a single-authentication environment

Domain

The domain where the Blue Prism Security Groups will reside needs to be specified. The fully qualified domain name (e.g. "global.MyDomain.local") must be entered.

Verify connection

The Verify Domain button can be used to validate that Blue Prism can connect to a domain using the name provided from the current device.

Administrators group

When configuring single sign-on for Blue Prism it is necessary to select an Active Directory security group whose members will be granted access to all areas of Blue Prism. The configuration of single sign-on for Blue Prism should be undertaken as a user who belongs to this security group.

Once the database is created and configured for single sign-on, a Blue Prism administrator should sign into Blue Prism and configure the required Blue Prism user roles. Once these have been defined, each role should be associated with an Active Directory security group via the Security - User Roles screen.

Active Directory database conversion

Administrators who are members of an Active Directory domain can convert a single-authentication Active Directory environment (current database type with roles mapped to Active Directory groups) to a multi-authentication Active Directory environment (allows multiple authentication methods with users mapped to roles individually). This is a one-way, irreversible operation which converts all single-authentication Active Directory accounts in a Blue Prism environment to multi-authentication Active Directory accounts, automatically mapping roles to individual users based on their Active Directory security group membership (after which group membership is no longer relevant).

This operation makes irreversible changes to your database so before continuing, ensure that you have backed your database, stopped all processes, and all users are logged out of the environment. Please be aware that depending on the number of users you are converting, the database conversion might take a few minutes.

For more details, see Single sign-on.

Troubleshooting

If you experience issues, see Single sign-on troubleshooting.