Configuring Single Sign-On in Specification Compliance Manager

Specification Compliance Manager supports single sign-on (SSO) solutions that use OpenID Connect for user authentication across multiple applications. This functionality enables usage of several common SSO providers including PingFederate, Azure ADFS, and Okta. Refer to the OpenID Connect Certifications documentation for a full list of certified SSO providers.

Specification Compliance Manager relies on SystemLink functionality to enable support for SSO solutions. Refer to the Single Sign-on with OpenID Connect section of the SystemLink Operations Handbook for more information, including a list of supported encryption algorithms and references to relevant OpenID Connect provider documentation.
  • Configure a DNS name for the Specification Compliance Manager server.
  • Ensure that the local machine has administrator-level access to the Specification Compliance Manager server.
  • Set up an OpenID Connect provider server for OpenID Connect authentication.
  1. Log in to the Specification Compliance Manager server and navigate to: %PROGRAMFILES%\National Instruments\Shared\Web Server\conf\openidc
  2. Add the configuration files for your OpenID Connect provider to the openidc folder.
  3. Open NI Web Server Configuration.
  4. Open the Authentication tab and enable Use OpenID Connect (advanced).
  5. Click Apply and restart.

OpenID Connect Provider Configuration Files for Specification Compliance Manager Server

The Specification Compliance Manager server requires three configuration files to enable OpenID Connect provider authentication for user accounts. Refer to the following list for a definition of each file, where URL is the URL-encoded fully qualified domain name for the OpenID Connect provider.

Tip

Specification Compliance Manager relies on SystemLink functionality to enable support for SSO solutions. Refer to the Single Sign-on with OpenID Connect section of the SystemLink Operations Handbook for more information, including a list of supported encryption algorithms and references to relevant OpenID Connect provider documentation.

  • URL.conf—Describes the scopes Specification Compliance Manager will request, the text and icon for the provider login button, and private keys for ID token key management encryption.
    Note iconUri, which defines the icon on the login button, is relative to the following file path: %PROGRAMFILES%\National Instruments\Shared\Web Server\htdocs\scm
  • URL.client—Contains information that the NI Web Server uses to authenticate with the OpenID Connect provider.
  • URL.provider—Contains information about the provider OpenID Connect configuration which defines the endpoints that are used during the login process.