Skip to main content
All CollectionsConfiguration & AdministrationAdminister
Setting up SSO in P21E 6.1.0 and later
Setting up SSO in P21E 6.1.0 and later

Connecting your Certara applications with your organization's Service Provider for better security and compliance

Wendy Young avatar
Written by Wendy Young
Updated over 3 months ago

SSO, which stands for Single Sign-On, has proliferated in the software industry, and it is not hard to see why. Not a day goes by that we don’t hear about data breaches, ransomware attacks, and the like.

As more and more organizations have fallen victim to cyber-attacks it became clear that something had to be done about securing authentication to avoid the cost, embarrassment, and loss of trust related to these types of cyber-attacks.

By centralizing user and security management your teams can ensure that best practices for securing your data are being implemented.

🔢 The basics of your Certara Admin SSO Setup

SSO Setup is easy in Certara Admin, and if you add SSO as part of one of your Certara software application subscriptions, it applies across all applications so you're only connecting once and any settings you change update universally across them all as well.

Note: In order to set up SSO, your organization must first purchase it as part of your subscription. Customers who already have an SSO subscription through one of the connected Certara applications don't need to make an additional purchase.

🆔 Setting up SSO with your Identity Provider

Note: To be able to set up SSO, you must have the Global Administrator role in Certara Admin.

  1. Go to Certara Admin > Settings > SSO.

  2. Verify that the two Service Provider (SP) links are correct, then click Copy Link.

  3. In your Service Provider (SP) aka Identity Provider (IdP) system (e.g., Microsoft Active Directory), paste the two SP links, and then export your IdP Metadata.

  4. Back in Certara Admin, click Add metadata and enable SSO, and upload your IdP Metadata file there.

🗺 Mapping attributes for SSO setup

To finish making the connection between the information in the metadata file you exported from your Service Provider to Certara Admin, you must map key fields, or attributes in the SAML SSO Options section.

➕ Auto-creating Certara Users with SSO

Certara Admin will automatically create the users from your metadata file once SSO is successfully connected; however, you'll need to take an additional step to give them access to the Certara applications they use in their daily work. You can disable this feature for tighter control over the user creation process.

🔐 Control more with Advanced SSO Options

IT teams and Certara Administrators can control single logout behavior, redirects from the login button, max login time, and more.

You should reselect your preferences post-upgrade to confirm they are consistent with your prior preferences.

🏆 Why use Single Sign-on?

SSO doesn't mean much if you don't use it to secure the systems with your important data. For example, is your SSO really working for you if you've connected something like your Microsoft applications and don't take the time to secure your Certara applications as well. It's sort of like opening a retirement account and not investing the funds.

There are some really important reasons that so many organizations have implemented – or are planning to implement – some form of single sign-on:

  • Security – this must be at the top of the list, especially given how sensitive the data is that organizations like yours deal with daily. And one of the biggest risks when it comes to data security and breaches is due to password reuse. I'll admit to being a little guilty of that – I was in the habit of just choosing the same password or a variant of that password, just adding a 1 or an ! at the end to mix it up, because it just made it easier to remember. And let me tell you, that makes you a hacker's dream because all someone needs to do to get to your information is guess right once, whether it is your Instagram account password, your Netflix, login, or something far more important that you use at work.

  • Compliance – one thing we've noticed is that new clients who don't initially implement SSO often find themselves in a pickle when it comes to compliance with their company's internal security requirements, best practices, and Standard Operating Procedures. So, they end up waiting a year, getting flagged by their QA or compliance teams, and then it becomes really important to them. And that takes us back to why those teams require compliance – it's for your organization's information security.

  • Time – when you forget your password, how tedious is it to go through the rigamarole of the forgot password process, reset it, and then hope you can remember what you changed it to next time. That's just the time suck for general users. For Certara applications specifically, depending on your organization's security settings, getting all the block list notifications and removing users from the block list after too many login tries can be frustrating and maybe not the best use of your IT team or administrator's time.

Did this answer your question?