Your Omega account can be set to allow a number of different login methods. One of these is SAML 2.0 Single Sign-on, which allows users to login to Omega using an identity provider instead of an Omega username and password.
What you need from us
Your Omega Account ID (learn more)
Single Sign On URL: https://app.omegaedi.com/api/2.0/Authenticate?saml_acs&saml&folder=YOUR_OMEGA_ACCOUNT_ID
Recipient URL and Destination URL are the same as the Single Sign On URL
Audience Restriction: https://app.omegaedi.com/api/2.0/vendor/php-saml-master/demo1/metadata.php
Default Relay State: https://app.omegaedi.com
Note: You can NOT use your Omega subdomain instead of app for each of these options.
What you do
This tutorial is for if you are using Okta, but it may be similar for other similar services
Create an application in Okta that you will use for Omega authentication
Find the SAML Settings on the General tab and click Edit
3. When you come to step 2, fill in the fields with the values described in the What you need from us section above. (Make sure you replace YOUR_OMEGA_ACCOUNT_ID with your actual Account ID)
4. Make sure you add the employeeNumber attribute. The value you use for that attribute will be the value that Omega checks for authentication and should be unique
Next in Omega...
In Omega, you will need to edit each user and set their External ID field to be whatever value Okta is going to send for the employeeNumber attribute
What we need from you
For everything to work, you will need to contact Omega customer service and give us:
Your Okta application's Sign On URL
Your Okta application's Issuer
Your Okta application's x509 certificate
Once everything is set, you can open you Omega Account Settings page and on the Basic tab you will find a setting called Login Options.
Set it to SAML 2.0 Single Sign-On and click Save
This will make it so your users can only login to your Omega account via SAML, and not using a username and password.