Authentication in the SABIO Integrator
Authentication for the Serviceware Knowledge Integrator
The Serviceware Knowledge Integrator is linked to an existing SABIO 5 system. Every user can login to the Serviceware Knowledge Integrator with his/her username and password from the linked Serviceware Knowledge system. The login to the Serviceware Knowledge Integrator is also possible via Keycloak and WebSSO in case the login to the linked SABIO 5 System requires this.
Use Cases for Authentication in the Serviceware Knowledge Integrator
As user I want to login to the Serviceware Knowledge Integrator with my username and password, so that I can access knowledge in Serviceware Knowledge fast from the web applications I use for my daily work.
As user I want that the Serviceware Knowledge Integrator supports SAML login, so that I can login conveniently via the same IdP in the Serviceware Knowledge Integrator as in the linked SABIO 5 system.
Login Flow with Username and Password
To login to the Serviceware Knowledge Integrator with a username and password, the user clicks on the Serviceware Knowledge Icon in the browser bar. Then a new window appears in which the user can enter the URL of the SABIO system that should be linked to the SABIO Integrator.
Here is the possibility that the Serviceware Knowledge integrator remembers the URL to which it is connected. Then it does not have to be entered again at the next login.
After the user has entered the URL of the desired Serviceware Knowledge system and continued the login process by hitting the button “Continue to login” the user is redirected to a window where he can enter his username and password to login in to the Serviceware Knowledge Integrator.
By clicking the “Back” button the user can navigate back to the window, where he can enter the URL of a Serviceware Knowledge system. If the user clicks on the “Login” button, his login data is sent to the linked Serviceware Knowledge system and he is logged in if his credentials are correct. If the password or username are incorrect the user receives an error notification.
Note: When a user logs in to the Serviceware Knowledge Integrator in one browser tab, he/she is automatically logged in in all browser tabs.
Login Flow with SAML and Keycloak
The Serviceware Knowledge Integrator supports WebSSO with Keycloak, if the linked Serviceware Knowledge system uses WebSSO with Keycloak. The the user is also logged in to the Serviceware Knowledge Integrator via Keycloak when the user clicks “Continue to login”. The login is carried out in a new browser tab. If the user is already logged in at his Identity Provider and direct routing to this IdP is configured in Keycloak the login process is executed fully automated. If no direct routing is configured, the users sees the Serviceware Knowledge login window, in which he has to select the identity provider that he wants to use as authentication method. The the user is redirected to the login page of the identity provider. After the new browser tab has closed automatically the user is logged into the Serviceware Knowledge Integrator.
Logout Flow
The user can log out of the Serviceware Knowledge Integrator via the option menu that opens when the user right-clicks on the Serviceware Knowledge icon in the browser bar.
Note: When a user logs out of the Serviceware Knowledge Integrator in one browser tab, he/she is automatically logged out in all browser tabs. If the user only wants to hide the Serviceware Knowledge Integrator in the current tab, the user can click on the SABIO symbol next to the search bar in the browser. Another click on the symbol opens the Serviceware Knowledge Integrator again.
When a user synchronises Chrome with his/her Google account, the current login is retained. After completing the synchronisation the user can immediately continue working.