Single Sign-On
Single sign-on (SSO) is an authentication method that allows users to securely log in to multiple related software systems using a single ID (or username) and password. This allows users to log in once to be able to access services without re-authenticating.
InEvent supports integration with the SSO methods listed below:
This article will take you through the steps of configuring SSO integration to handle user sign-in process.
How do I configure SSO integration?
This section will guide you to configure SSO integration with SAML 2.0, Azure Active Directory (OIDC), and OpenID Connect.
Whitelisting your domain
Before starting to configure SSO integration, it is necessary to first whitelist your domain(s). To whitelist your domain(s), contact InEvent by submitting a Question using the Issue report feature.
Once your domain has been whitelisted, it will appear under Whitelisted domains on the Company details page, as seen below:

InEvent will generate a DNS setting which you need to add to your domain for verification purposes. Once this step has been completed, your domain status will change from Not verified to Verified, and you can proceed to configure SSO integration.
Configuring SAML 2.0 SSO integration
This section describes how you can integrate SAML 2.0 SSO to InEvent with OneLogin as an example.
Setting up SAML 2.0 SSO with OneLogin
Check out the video linked below to set up SAML 2.0 SSO with OneLogin:
Preparing OneLogin SSO with SAML 2.0 Protocol
This section will guide you on how to set up OneLogin SSO with SAML 2.0 protocol with OneLogin as the SAML initiator. Follow the steps below:
- Navigate to Applications > Applications from your OneLogin administrator dashboard.
- Select the SAML Custom Connector (Advanced) from the list of available applications.

- Enter your portal name, icon, and description details as needed.
- Click Save. You will be taken to the information page of your newly created app.

- Navigate to the Configuration tab.
- Enter the details below into the corresponding fields, along with other fields if applicable:
- ACS (Consumer) URL Validator:
^https:\/\/app\.inevent\.com\/{{
company nickname}}
\/sso\-auth\.php
- ACS (Consumer) URL:
https://app.inevent.com/
{{company nickname}}
/sso-auth.php
{{company nickname}}
with your company nickname at InEvent. Alternatively, navigate to Integrations > SSO from the Company level at InEvent and locate the SAML Redirect URL value.- Click Save.

- Navigate to the SSO tab.
- Locate and copy the X.509 Certificate, Issuer URL, SAML 2.0 Endpoint (HTTP), and SLO Endpoint (HTTP) details. These details will be entered at the InEvent platform at the next step.

Integrating OneLogin SSO to InEvent with SAML 2.0 protocol
Once you have finished configuring the SSO integration at OneLogin and collected the necessary details, you can proceed to integrate it to the InEvent platform by completing the following steps:
- Navigate to Integrations > SSO from the Company level.
- Choose SAML 2.0 entry in the Sign on method drop-down box.
- Insert the parameters below into the corresponding fields:
- Issuer Name:
OneLogin
- Issuer Label (login button):
Login with OneLogin
, or the desired label to be displayed on the login screen - Issuer URL (previously copied from OneLogin)
- SAML 2.0 Endpoint (HTTP) (previously copied from OneLogin)
- SLO Endpoint (HTTP) (previously copied from OneLogin)
- X-509 Certificate (previously copied from OneLogin)
- Press the green Link account button to finish the configuration.

- Choose where to display the SSO log in page by checking the corresponding box(es) after integrating the SSO. The available options are as follows:
- Display on Company Login: Display the OneLogin SAML 2.0 SSO option to log in to the Company level
- Display on Event Login: Display the OneLogin SAML 2.0 SSO option to log in to the Event level
Configuring Azure Active Directory SSO integration
This section will guide you to configure SSO integration with Microsoft Azure Active DIrectory. This integration uses the Open ID Connect (OIDC) authentication protocol. After completing these steps, user log-ins will be handled by Azure Active Directory.
Preparing Azure Active Directory SSO integration within InEvent
- Navigate to Integrations > SSO from the Company level.
- Select Azure ID (OIDC) in the Sign on method drop down box.
- Locate and copy Redirect URI within the page. This URI is necessary for setting up your app in Azure Active Directory.

Setting up your app in Azure Active Directory
- Log in to Microsoft Azure Portal.
- Navigate to Active Directory under Azure services within the Azure Management Portal.

- Click App registrations from the left panel.
- Click New registration.

- Enter the necessary details below:
- Name: An identifier to the app you will be using Azure log in for.
- Supported account types (required): Group of user accounts to be permitted to log in. Select as needed.
- Redirect URI: Azure will return authentication responses to this URI after authenticating users successfully. This URI is found by navigating to the Company level in the InEvent platform > Integrations > SSO > Sign on method: Azure ID (OIDC) > Redirect URI.
Once you have entered the required information, you will be redirected to the Overview page of the newly created app.
- Locate Application (client) ID and Directory (tenant) ID within the Essentials section. Copy these IDs as they are needed to configure SSO integration within the InEvent platform.

- Navigate to Certificates & Secrets.
- Press New client secret to generate Azure Application Secret Value.

- Enter the client secret description and expiration period as needed. This will generate a Secret Value.

- Locate the newly generated Secret Value. Copy this secret as it is needed to configure SSO integration within the InEvent platform.

Integrating Azure Active Directory SSO to InEvent
Once you have finished setting up your app in Azure Active Directory and collected the necessary details, you can proceed to integrate Azure Active Directory SSO to the InEvent platform. Complete the following steps:
- Navigate to Integrations > SSO from the Company level and select Azure AD (OIDC) in the Sign on method drop down box.
- Insert the parameters below into the corresponding field:
- Issuer Name
- Issuer Label (login button): The label to be displayed on the login screen.
- Azure Directory (tenant) ID (previously copied from your Azure AD account)
- Azure Application (client) ID (previously copied from your Azure AD account)
- Azure Application Secret Value (previously copied from your Azure AD account)
- Press Link account to finish the configuration process.

- Choose where to display the SSO log in page by checking the corresponding box(es) after integrating the SSO. The available options are as follows:. The available options are as follows:
- Display on Company Level: Display the Azure AD SSO option to log in to the Company level
- Display on Event Level: Display the Azure AD SSO option to log in to the Event level
Once the integration is complete, the page will be updated with the following information:

Configuring OpenID Connect SSO integration
InEvent supports certified SSO OIDC Identity Providers, such as:
- OneLogin
- G Suite
- Other Identity Providers that use OAuth 2.0 authentication protocol
Integrating OpenID Connect SSO with InEvent
- Navigate to Integrations > SSO from the Company level.
- Select Open ID Connect in the Sign on method drop down box.
- Insert the parameters below into the corresponding field:
- Issuer Name: The name of the SSO Identity Provider (IdP).
- Issuer Label (login button): The label to be displayed on the login screen.
- OpenID Connect URL: The URL that accepts the OpenID Connect request.
- OpenID Connect App ID: OpenID Connect Client ID provided by your IdP.
- OpenID Connect App Secret: OpenID Connect secret provided by your IdP.
- Press Link account to finish the configuration process.

- Select where to display the SSO log in page by checking the corresponding box(es) after integrating the SSO. The available options are as follows:
- Display on Company Level: Display the Open ID SSO option to log in to the Company level
- Display on Event Level: Display the Open ID SSO option to log in to the Event level
.well-known configuration
file ({OpenID Connect URL}/.well-known/openid-configuration
).Log in experience
After successfully integrating SSO to InEvent, users will undergo a slightly different log in process.
Event organizers
Event organizers with administrator permissions will see the interface below when logging into the platform (with OneLogin as an example):

Upon pressing Login with OneLogin, they will be directed to the SSO portal to enter their user credentials, as shown below (with OneLogin as an example).

Once the log in process has been completed, they will be redirected to the InEvent platform.
Attendees
Attendees will see the interface below when logging into the platform (with OneLogin as an example):

Upon pressing Login with ONELOGIN (using ONELOGIN as an SSO example), they will be directed to the SSO portal to enter their user credentials, as shown below:

Once the log in process has been completed, they will be redirected to the InEvent platform.
Multiple SSO integrations
You can use multiple SSO integrations to handle the account authorization process in your company and event on the InEvent platform. To do so, simply integrate more than one SSO integrations from the Company level and set them to be displayed from the desired level (Company level only, Event level only, or both levels).
Below is how the Company level log in interface will look like with multiple SSO integrations enabled and displayed.

Below is how the Event level log in interface will look like with multiple SSO integrations enabled and displayed.

Mandatory SSO Auth
After integrating SSO to InEvent, you can enable the Mandatory SSO Auth tool so that users can only enroll to your event if they are authenticated through the integrated SSO methods.
To enable Mandatory SSO Auth, follow the steps below:
- Navigate to Settings > Tools from the Event level.
- Press the Edit button on the top right corner of the page.
- Locate the Login section.
- Enable Mandatory SSO Auth by checking the corresponding box.
- Press the End button to save your changes.

After completing the steps above, users will see the following log in interface when accessing your Registration form, with multiple SSO directories enabled as an example.

Allow non-SSO log in
It is possible to allow non-SSO log in when SSO is enabled and activated. In order to allow non-SSO login, follow the steps below:
- Navigate to Account > Tools from the Company level.
- Click Edit.
- Locate Allow non-SSO login under the Login section.
- Check the box to enable the function.
- Press End to save your changes.

After completing the steps above, attendees will see the following screen when logging in to your event.

Auto register with SSO
You can allow users who log in using SSO to be automatically registered to your event, even if they were not added to the event's list of attendees. To allow the automatic registration of users who log in using SSO, follow the steps below:
- Navigate to Settings > Tools from the Event level.
- Click Edit.
- Locate Auto register with SSO under the Login section.
- Check the box to enable the function.
- Press End to save your changes.

After completing the steps above, users who log in using SSO will be automatically registered to your event as an attendee. Therefore, they will be directed to the Virtual Lobby without being prompted to complete the Registration form, even if they were not added to the event's list of attendees.

