FAQ: What is Needed for Single Sign-On (SSO) Setup for Charlie

Modified on Sat, 29 Mar at 9:41 AM

Q: What is needed to enable Single Sign-On (SSO) for Charlie? 

A: SSO allows your users to seamlessly access Charlie using existing corporate credentials via Azure Active Directory (Azure AD).  SSO enhances security, reduces password fatigue for users, and simplifies the login experience. 


Steps to configure SSO Connection in Azure AD

Each environment—staging and production—requires an app registration within your Azure AD. The app registration helps establish a trusted connection between your Azure AD and Charlie.

  1. Create App Registrations:
    Set up two app registrations in your Azure AD: one for staging and one for production. Your Implementation Manager will provide you with the Stage and Production URLs required for the app registrations. They will look something like this:

    • Stage Redirect URL: https://wlq-[WilqoClientId]-stg.us.auth0.com/login/callback

    • Prod Redirect URL: https://wlq-[WilqoClientId]-prd.us.auth0.com/login/callback

  2. Permissions Setup:

    • Assign the following permissions to the app registrations:

      • Users: User.Read – Allows the app to read user profiles.

      • Directory: Directory.Read.All – Allows the app to read your directory information.

  3. Provide Credentials:

    • As part of the registration, a client ID and client secret will be created for each environment. Please send those via secure email to shane@wilqo.com. We will handle the connection setup on our end.
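
An added example (not Wilqo's or Microsoft's code): a Python check that audits an app registration against steps 1 and 2 above before the credentials are sent. It assumes the registration is available as Microsoft Graph application JSON; the tenant name examplelender, the all-ones permission ID, the sample registrations and the function names are constructed for illustration.

```python
import re

# Microsoft Graph resource ID and the IDs of the two permissions the steps name.
GRAPH = "00000003-0000-0000-c000-000000000000"
ALLOWED = {
    "e1fe6dd8-ba31-4d61-89e7-88639da4683d": "User.Read",
    "06da0dbc-49e2-44d2-8312-53f166ab848a": "Directory.Read.All",  # delegated
    "7ab1d382-f21e-4acd-a863-ba3e13f7da61": "Directory.Read.All",  # application
}
# Assumption: [WilqoClientId] consists of letters, digits and hyphens.
CALLBACK = re.compile(r"https://wlq-[A-Za-z0-9-]+-(stg|prd)\.us\.auth0\.com/login/callback")
ENV_TAG = {"staging": "stg", "production": "prd"}

def audit_registration(app, env):
    """Return findings for one registration given as Graph 'application' JSON."""
    findings = []
    uris = app.get("web", {}).get("redirectUris", [])
    if not uris:
        findings.append("no redirect URI configured")
    for uri in uris:
        match = CALLBACK.fullmatch(uri)
        if match is None:
            findings.append(f"unexpected redirect URI: {uri}")
        elif match.group(1) != ENV_TAG[env]:
            findings.append(f"{env} registration has a {match.group(1)} callback: {uri}")
    granted = set()
    for resource in app.get("requiredResourceAccess", []):
        for access in resource.get("resourceAccess", []):
            name = ALLOWED.get(access["id"]) if resource.get("resourceAppId") == GRAPH else None
            if name is None:
                findings.append(f"permission beyond the two listed: {access['id']}")
            else:
                granted.add(name)
    findings += [f"missing permission: {n}" for n in sorted(set(ALLOWED.values()) - granted)]
    return findings

def graph_access(*ids):
    # Helper that builds a requiredResourceAccess entry for the constructed samples.
    return [{"resourceAppId": GRAPH, "resourceAccess": [{"id": i, "type": "Scope"} for i in ids]}]

# Constructed sample registrations ("examplelender" and the all-ones ID are made up).
STAGE_URL = "https://wlq-examplelender-stg.us.auth0.com/login/callback"
STAGE_OK = {"web": {"redirectUris": [STAGE_URL]}, "requiredResourceAccess": graph_access(*list(ALLOWED)[:2])}
PROD_BAD = {"web": {"redirectUris": [STAGE_URL, "https://*.example.com/login/callback"]},
            "requiredResourceAccess": graph_access(list(ALLOWED)[0], "11111111-1111-1111-1111-111111111111")}

if __name__ == "__main__":
    for label, app, env in [("stage", STAGE_OK, "staging"), ("prod", PROD_BAD, "production")]:
        print(label, audit_registration(app, env) or "ok")
```

An empty list means the registration carries only the expected callback for its environment and only the two listed permissions.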


Create Security Groups for Role Assignment

To effectively manage user roles in Charlie, security groups need to be configured in your Azure AD. These groups will be used to assign various roles within the application, ensuring each user has the appropriate permissions.

  1. Create Security Groups:

    • You need to create security groups that match the roles within Charlie. You can name these groups according to your preferences, but here are some suggestions for clarity:

      • LoanOriginator:

        • Staging: wilqo-stage-loan-originator

        • Production: wilqo-prod-loan-originator

      • LoanCloser:

        • Staging: wilqo-stage-loan-closer

        • Production: wilqo-prod-loan-closer

      • OperationsManager:

        • Staging: wilqo-stage-operations-manager

        • Production: wilqo-prod-operations-manager

      • SecondaryMarket:

        • Staging: wilqo-stage-secondary-market

        • Production: wilqo-prod-secondary-market

  2. Notify Us:

    • Once these groups are created, please send your Implementation Manager the names of the groups. We will update the permission mapping on our side to ensure everything works smoothly.
