Enable SSO

This page describes what you need to set up in the Developer Console to use LINE WORKS single sign-on (SSO).

Note

  • Setting up SSO in the Developer Console requires Administrator authority.
  • For more information about LINE WORKS SSO, see SSO Overview.
  • If you are not sure whether the service to integrate is an IdP or SP, see "IdP and SP" in SSO Overview or check the service information.

Prerequisites {#preparation}

SSO integration with LINE WORKS requires user identification values, which both LINE WORKS and the service must check and register in advance.

Note

  • When LINE WORKS functions as an SP, the user identification values of the IdP should be registered in LINE WORKS. For more information, see "Set external keys" in User LINE WORKS with Your Company Account (SP).
  • When LINE WORKS functions as an IdP, LINE WORKS IDs should be registered in the user information of the service. For more information, contact the service provider.

When LINE WORKS is an SP {#use-works-as-sp}

To let users log in to LINE WORKS with their service ID, follow the instructions below:

  1. Select SSO > WORKS as SP in the Developer Console.

  2. Select an option for SSO Type.
    You can select OAuth or SAML, depending on your service.

  3. Specify Web Login URL.
    It is the customer's login page URL that is displayed when users log in to LINE WORKS. Create a login page to fit the customer's needs.

  4. Specify Logout URL.
    It is the customer system URL to let members log out of the service after logging out of LINE WORKS.

  5. Add authentication information based on the selected SSO Type.

    • SAML
      • Certificate File: It is a certificate to verify authentication information. The service side can download a certificate file (in PEM format only).
    • OAuth
      • Client ID/Client Secret: It is authentication information used for LINE WORKS to request an authentication token from the customer SSO system.
      • Access Token Return API: It is a URL for LINE WORKS to request an authentication token from the customer SSO system.
      • User info return API: It is a URL for LINE WORKS to acquire the information of logged-in members from the customer system after an authentication token is issued.

  6. Click APPLY.

Caution

  • If you change SSO settings, all members will be logged out.
  • For more information, see "What you should be aware of" in Use LINE WORKS with Your Company Account (SP).

When LINE WORKS is an IdP {#use-works-as-idp}

To let users log in to the service with their LINE WORKS ID, you need to register the service information in LINE WORKS and then register the issued certificate file in the service. For more information, see Register SAML Apps.