Kumo is using Auth0 to support a variety of secure single-sign-on mechanisms, in order to simplify user management for your team. The two easiest integrations are:

  1. Google Workplace Single Sign On
  2. OIDC - OpenID Connect - supporting many other services including Okta and Azure Active Directory

SSO Configuration Guide Image Pn

In order to enable Google Workplace Single Sign On for your environment — no work is needed on your end. Simply reach out to your Kumo POC (Point Of Contact), and it can be enabled within hours.

The remainder of this document describes the process to set up OIDC. For the purpose of illustration, Okta is used as the OIDC provider, but these instructions should work with any other OIDC-compliant auth provider.

Okta Configuration

  1. Go to your Applications and create a new Application with the following settings:

    • Sign-in method: OIDC - OpenID Connect
    • Application type: Single-Page Application
  2. Under General Settings, make sure to select Grant types of Authorization Code and Implicit (Hybrid)

SSO Configuration Guide Image(1) Pn

  1. Next, add the following sign-in and sign-out URLs

SSO Configuration Guide Imagecopy Pn

NOTE: Please use auth.kumoai.cloud instead of kumoai.us.auth0.com as shown in the image above

  1. Select your preferred Assignment policy

13e856f Image Pn

  1. Click Save to create the App!
  2. Copy the Client ID and your Okta base URL
    • Example Client ID: 0oa654ok0jBdIJrpT5d7
    • Example Okta URL: dev-22499602.okta.com

SSO Configuration Guide Image(1)copy Pn

  1. Send your Client ID and Okta Base URL to the Kumo team

You will receive a notification from Kumo when your SSO onboarding is complete.