Blender in an SSO Environment

Where access to OrgVue is through an SSO (Single Sign On) configuration, a little extra work is required to enable the Blender script to be run, either from a user's machine or from a server installation. You will need to have the admin role to be able to follow these instructions.

Specifically, this situation requires the use of authentication tokens.

Token authentication is an alternative authentication method between a user and OrgVue where a token (long code of letters and numbers) is deployed as the password. The user has the option to create a token with set expiration dates, therefore a single token can be used an unlimited number of times up until the expiration date. However, there is an option to manually delete the tokens at any point before the expiration date. For additional security, the IP address of the token user is required so that the token can only be used within the provided IP address.

 

1    Setting a User up for Token Access

1.1    First, determine the OrgVue user account which is to be used to run the Blender script.

1.2    Open the Users dataset. (If your organisation operates a Master/Sub-tenant structure then you should open the Users dataset in the Master tenant.)

1.3    If there is no property called 'Token Access' then please add this property exactly as shown below (note particularly the Key and that the Type is set to 'Yes/No') : -

                           mceclip0.png

1.4    Click 'Apply' and for the selected user set Token Access to 'Enabled'.

mceclip1.png

mceclip2.png

 

2    Creating a User Token

2.1     Go to the URL which your environment is on, and then add "/tokens" to the end of the URL - for example https://orgvue.eu-west-1.concentra.io/tokens

2.2    Log in with your OrgVue credentials

2.3    Under the title “Create a new token” input the following information

a. Start Date: the date the token is valid from

b. Expiration Date: the date the token expires (up to a maximum of one year)

c. Subnets: the IP addresses or subnets the token can be used from 

mceclip1.png

Note that the IP address that your machine is currently operating from is included at the bottom of the screen (ringed in red), so this value should be entered in the Subnets field.

It is possible that your network uses a range of IP addresses, so if the Blender operation fails as a result of an IP address problem you should approach your IT department to determine the set of IP addresses, and then create a new token listing all the IP addresses separated by a comma, eg 46.247.24.187,46.247.24.188,46.247.24.189

2.4    Validate the inputs provided

2.5    Select “Create” at the bottom of the screen. A pop up box will appear providing the token code.

mceclip3.png

2.6    Click the "Click to copy token to clipboard' button and paste it into a holding place such as Notepad and then click the 'OK' button to close down the token window.

 

3    To Enable Blender to use the Token

3.1    Exactly what to do with the token will depend upon your particular Blender implementation. Please work with your OrgVue implementation team to determine exactly what the final steps are to enable Blender to work in your SSO protected environment.

 

 

Have more questions? Submit a request

Comments