Authentication Flows
When the SAML Admin Authentication integration is enabled users login experience will change.
Admin Login Page
Once the SAML Admin Authentication configuration is complete, a new Admin Login page will be enabled. This page offers alternative sign-in methods, including the option to sign in via the SAML Identity Provider (IdP). Non-admin users will continue using the Public Login page, which has a different URL from the admin login page.
Non-Admin users will continue to use the Public Login page.
The admin login page uses a different URL than the public login page.
| Login Page | URL |
|---|---|
| Public | https://domain/q/login |
| Admin | https://domain/q/login/admin |
Admin users signing into Jadu Central Control Centre using the Sign in with Jadu Connect method will be directed to the Admin Login page.
Jadu CMS version 21.1.0 or later, or Jadu Central version 1.0.0 or later is required for redirecting to the Admin Login page in Jadu Connect.
Using the Admin Login Page with Non-Jadu Applications
Organisations using OAuth authentication with Jadu Connect (outside Jadu Central) must add the parameter login_type=internal to the OAuth redirect. This ensures that users can access the Admin Login page and its alternative sign-in options during the authentication process.
Example Redirect URL
https://cxm.example.com/q/oauth/v2/auth
?client_id=zbueiup9h80s487asgc4s4gss4kww4cwsgk0owk4gc8s4kkg4
&response_type=code
&redirect_uri=https://myapp/oauth-handler
&state=ABCDEF
&login_type=internal
Login directly from Jadu Connect
Scenario: The user is logging in after opening the Jadu Connect login page directly.
- Click the Login with... button under Alternative sign-in methods to start the SAML sign-in flow.
- Log in using SAML Identity Provider (e.g., Azure) credentials. If already logged in to the SAML Identity Provider, the user will not be prompted to log in again.
- Upon successful authentication, the user will be signed into Jadu Connect.
Login from Jadu Central (without 'Bypass Login Page' enabled)
Scenario: The user is logging into Jadu Central using the Sign in with Jadu Connect option. In the SAML Admin Authentication settings within Jadu Connect, the Bypass Login Page option is disabled.
- Click the Sign in with Jadu Connect button on the Jadu Central Control Centre login page. This will redirect the user to Jadu Connect's Admin Login page.
- Click the Login with... button under Alternative sign-in methods to start the SAML sign-in flow.
- Log in using SAML Identity Provider (e.g., Azure) credentials. If already logged in to the SAML Identity Provider, the user will not be prompted to log in again.
- Upon successful authentication, the user will be signed into Jadu Connect and automatically redirected to Jadu Central, where they will also be signed in.
Login from Jadu Central (with 'Bypass Login Page' enabled)
Scenario: The user is logging into Jadu Central using the Sign in with Jadu Connect option. In the SAML Admin Authentication settings within Jadu Connect, the Bypass Login Page option is enabled.
- Click the Sign in with Jadu Connect button on the Jadu Central Control Centre login page.
- Log in using SAML Identity Provider (e.g., Azure) credentials. If already logged in to the SAML Identity Provider, the user will not be prompted to log in again.
- Upon successful authentication, the user will be signed into Jadu Connect and automatically redirected to Jadu Central, where they will also be signed in.
Note: In this scenario, the user will be silently redirected through Jadu Connect's authentication pages.