...
Other SAML providers should work as well, and this documentation will grow as we encounter customer requests for additional providers.
...
Environments
The ClinSpark portion of the configuration currently must be configured by IQVIA Support, and requesting this should be done via a Service Desk Ticket.
...
Be sure to test electronic signatures after enabling SSO. Signatures delegate verification of credentials to the Identity Provider (IdP). Support for this requires that ‘forceauthn’ is enabled on the IdP. IQVIA support does not provide support for IdP configuration, you will need to review the documentation for the IdP to see how this can be enabled if it is not on by default.
The Password Reset functionality is not relevant to SSO - enabled accounts, as this only controls passwords controlled by ClinSpark.
The following ‘User Details’ settings are not relevant to SSO - enabled accounts: ‘Password’ (and confirmation), ‘Password Can Expire’, ‘Password Expire Date’ and ‘Two Factor Authentication’.
The Service Provider Certificate (also referenced as the ClinSpark Certificate in the user interface) is generated by a base64 encoded Java keystore value. This is provided by the IQVIA engineering team. In context of the SSO features, the service provider is the ClinSpark application.
Abbreviations
Abbreviation | Description |
|---|---|
IdP | Identity Provider |
SSO | Single Sign On |
SAML | Security Assertion Markup Language |
ADFS | Active Directory File System (By Microsoft) |
Azure AD | Azure Active Directory (Cloud Service by Microsoft) |