Kumospace allows users to integrate OpenID Connect (OIDC) and OAuth 2.0 protocols for single sign-on (SSO), with a view to increasing security and convenience. This feature is available on our Enterprise plan.
In simple terms, OpenID Connect is an identity layer that allows our clients to verify the identity of their end users based on the authentication of their identity provider (IdP).
SSO is an authentication method that allows users to securely access Kumospace using credentials from another system, e.g. their company log-in information.
This is similar to logging in using your Google or Facebook account, as you don’t need to manually create your Kumospace account, or create and remember your password.
In order to set up SSO in Kumospace, you can sign up for our Enterprise plan. Book some time to talk to our sales team and we will be happy to help. Scope out our Pricing page for more information on our paid plans.
Create a Kumospace account on which you’d like to implement SSO.
Configure your identity provider to accept authorization requests from Kumospace, using the information below. In turn, Kumospace will configure our application to issue authorization requests to your IdP.
We can then receive users’ credentials from your system. This step depends on your system configuration, but most often, you will be redirected to your sign-in page, and prompted to log in. We do not handle your personal password.
Your log-in system will send a “token” to Kumospace – a line of code that contains hidden credentials, like your name and email.
Finally, we can log you into Kumospace using the provided credentials.
Sign in redirect URL: https://kumospace.com/signin-redirect.
Scopes needed: OpenID profile email.
The desired Kumospace URL, e.g. https://www.kumospace.com/Your-Company-Name.
Your OpenID discovery document, e.g. https://…/well-known/openid-configuration.
Client ID.
Email domains to allow, typically your work email domain, or a list of domains if you have multiple.
Oftentimes, our users will need a SSO sign in for their company members, and a standard sign-in option for third-party guests to their Kumospace.
Once you’ve set up SSO integration with Kumospace, and you enter your Kumospace URL into your browser, you will be prompted to choose a log-in option – either SSO or a standard Kumospace login.
Click the Sign in with Company OKTA SSO button and you will be redirected to your company log-in page. You can also type ?login=sso at the end of your regular Kumospace URL, into your browser, to go directly to your company log-in page.
If you wish to log in as a guest, select the Sign in with Kumospace button, and you will be redirected to log in using the standard Kumospace log-in options, either your email, Google or Facebook accounts. Alternatively, you can type ?login=standard at the end of the Kumospace URL to go directly to the standard Kumospace log-in page.
Downloading the Kumospace mobile app? Read this guide to learn how to install the mobile app on an iOS or Android device.
Downloading the Kumospace mobile app? Read this guide to learn how to install the mobile app on an iOS or Android device.
Tech issues got you down? Read this FAQ guide to learn about answers to common technical issues & troubleshoot solutions to your problems.
Find an issue in Kumospace? Learn how you can report a problem to our team & how we integrate reported bugs into our queue of continuous improvements.