Internet2 is investigating a security incident involving a compromise to a confluence server that affected on April 10, 2019, which was successfully mitigated on April 12, 2019. If you did not receive an email from us, it’s unlikely that any of the content you submitted to the Internet2 Spaces Wiki needs to be re-entered. We apologize for any inconvenience this may have caused. Should you have any questions or require further assistance, please email
Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »


Enable Existing Admins for SSO Login

Existing MRAO, RAO and DRAO administrators that login to CM through the InCommon CM Login page by entering their CM account login credentials can also be enabled for SSO login in two ways:

  • Sending an SSO Invitation within CM
  • Editing the administrator's existing account

1. Sending an SSO Invitation

MRAO administrators and RAO/DRAO administrators with admin creation/editing privileges can enable SSO logins by sending an invitation from the CM interface. The invitation email will contain a link for the administrator to login to CM through the SSO login page.

To send an invitation to an administrator
  • Click the 'Admins' tab from the top of the CM interface
  • Select the administrator to be enabled for SSO login
  • Click the 'Send IdP Invitation' button

A confirmation dialog will appear:

  • Click 'OK' to send the invitation.

An invitation email will be sent to the administrator with a link to access the login page.


Upon clicking the link, the admin account will be activated and the administrator will be taken to the SSO login page for logging-in to the CM using his/her SSO credentials.



2. Editing the Administrator

An existing administrator can also be enabled for SSO login by specifying the user's identifier (ePPN) in their CCM admin settings.

To edit an administrator for enabling SSO
  • Click the 'Admins' tab from the top of the Certificate Manager interface
  • Select the administrator to be enabled for SSO login and click the 'Edit 'button.

The 'Edit Client Admin' form will appear:

  • Edit the following field:
    • IdP Person Id - Enter the unique identifier (ePPN) for the administrator (as asserted by the IdP).
  • Click 'OK' for your settings to take effect




  • No labels