Skip to main content
Skip table of contents

Connecting to iMIS - Configuring the OpenID Connect Module

Overview

This page explains how to connect Cloud SSO Professional/Enterprise to the OpenID Connect module of iMIS EMS.

In order to use Cloud SSO Professional or Enterprise, you must have the additional OpenID Connect module licensed from ASI. To verify this, go to Staff Site > Settings > About iMIS, and make sure that OpenID Connect is listed in the “Licensed features” list.

Setup

In your iMIS EMS Staff site, navigate to Settings > Contacts > OpenID Connect.

In another browser tab, log in to the Cloud Dashboard and navigate to Cloud SSO > External Directories > iMIS SSO Settings. Have this page handy, we will need to reference values from it below.

Back in iMIS, configure the following settings:

  • OIDC authentication: Set to Test mode until all setup is complete and you have verified all functionality is working.

  • Type: Okta

  • Name: Can be anything - recommended: “Cloud SSO

  • Client ID: Copy this value from the Client ID field in the Cloud SSO app

  • Client Secret: Copy this value from the Client Secret field in the Cloud SSO app

  • Well-Known URL: Copy this value from the Discovery (Well-Known) URL field in the Cloud SSO app

  • Authority URL: Copy this value from the Issuer field in the Cloud SSO app

  • Redirect login URL: Enter the base domain of your iMIS instance, including https:// and a trailing slash.

    • Example: https://www.example.org/

    • Example: https://members.example.com/

  • External ID claim type: Enter: external_id

  • Set login hint: (tick) Enable this setting

  • User authentication > Claim type: Enter: staff

  • User authentication > Claim value: Enter: 1

  • Email body: Customize this as needed to your organization’s preferences

When finished, press Save.

Finally, back in Cloud SSO, copy the Redirect login URL value from the iMIS OpenID Connect configuration screen and paste it into the Cloud SSO Redirect URL field. Then press Save Settings.

Note: The connection between Cloud SSO and iMIS that was just set up is a ONE-TIME setup process. This means:

  • If you are connecting one, or many, external directories, you do not need to repeat this process or change anything in iMIS.

  • The settings that were just configured in iMIS are for the Cloud SSO product only – be sure not to enter any external directory-specific information into iMIS.

  • Connections to external directories (Amazon Cognito, Microsoft Entra, Okta, etc) should only be configured inside the Cloud SSO app, not iMIS. The Cloud SSO is your “proxy” or “gateway” to these connected external directories.

When finished configuring the OpenID Connect screen in iMIS, proceed to configuring one or more external directories.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close