Index:
In this article, we'll go over the steps for setting up an Integrations Hub SSO with iMIS Web Service.
*** Not sure if you have iMIS Web Service or EMS? Here's an easy way to check:
Within your iMIS account, navigate to:
Settings > About iMIS > iMIS version
Version 20.3 or later = EMS
Version 20.2 or earlier = Web Service
Here is a screenshot of what this settings area will look like or similar to:
Turns out you have iMIS EMS? See this article.
Basic Setup within Integrations Hub
1. Get Started with Integrations Hub.
2. Add a new SSO connector from the Integrations Hub dashboard.
3. You will be brought to a page with different SSO options. Select iMIS Web Service.
4. You will now be shown the below screen. Keep this screen open in your browser. We'll be jumping over to your iMIS account to adjust some settings but we'll need to return to this page once we're done.
iMIS Side Settings
5. In a new browser tab, go to your iMIS organization account URL: https://{instanceurl}/staff
Example:
My organization is called King of The Hill and my website is KingoftheHill.com. This means my iMIS account login link should be: https://KingoftheHill.com/staff
6. Request admin login credentials from your staff if you don't have them already (it's important that these credentials are admin, other account types will not have access to what we need). Once you have the proper credentials, login to iMIS with these credentials on the above page.
7. Now we're going to begin gathering a few items from within your organization's iMIS account. We'll be copy/pasting these items into your Integration Hub so be sure to add these to a notepad as we go, for easy reference after.
First, make a note of your iMIS Redirect URL. Your iMIS Redirect URL should follow the below format so like the above account URL, you just need to replace {instanceurl} with your organization's website URL:
https://{imisInstanceUrl}/AsiCommon/Controls/Shared/FormsAuthentication/LoginStatusRedirect.aspx
Next your Membership service URL is like this:
https://{imisInstanceUrl}/asicommon/services/membership/membershipwebservice.asmx?wsdl
Now make note of your Query service URL, which is like this:
https://{imisInstanceUrl}/asicommon/services/query/queryservice.asmx?wsdl
8. Next, we're going to grab your Login URL from inside iMIS. Once logged in, you'll see settings/ dashboard items located on the left side of your screen. You need to scroll down to Rise > Page Builder > Manage Content:
9. You'll be brought to a new page. On this page, go to the top, and select New > Website Content.
10. Then, under the Definition tab, add the Publish Title. We usually suggest: OpenWaterRedirect
11. Now click into the "Properties" tab and check off "Content requires user to log in", select user condition for redirect as "User is authenticated"
12. Next, Change the Target URL or shortcut for redirect to the Integrations Hub Begin URL which you can get from integrations hub settings page. See the screenshots below. Once done, click "Save and Publish" in iMIS.
13. With this complete, you can now get your Login URL. After clicking "Save and Publish", go back to the Definition tab. You will now see a Login URL on this page, labeled as "Publish Location". It should follow this structure: https://{imisInstanceUrl}/OpenWaterRedirect.aspx
14. Let's grab your User Info IQA Path. Looking back to your iMIS dashboard items located on the far left of your screen, click Rise > Intelligent Query Architect. Once this page loads, click "New" (located at the top), and select "Folder".
15. Write "OpenWater" as the folder name and then click "Save".
16. You will see the folder has been created on the files explorer section, click on the folder and then select New > Query
17. In the Summary Tab give the query name, usually we use: GetDataByUserId
18. In the Sources tab click on Add Source then select CsContact object and click ok
19. Go to the Filters tab and make sure Advanced Mode is enabled
20. On this same page, we're now going to populate these settings:
Select "iMIS Id" for the Where Clause
Select "Comparision as Equal"
Select "Prompt as Required"
Click + icon to add the row
Check "Require user to provide at least one valid value"
Check "Limit the number of results returned" and insert "1" in the value field next to it
21. Now go to the Display Tab and select "View all Columns"
22. This should show you all available properties. Select what fields you want to get for the user profile which will be used to map to OpenWater's user profile fields. Once you're done, click "Save" in the top right.
23. You'll now need to create your Query path. This query path will be: $/OpenWater/GetDataByUserId
Back to Integrations Hub
24. Jumping back to Integrations Hub in the browser tab you left open earlier, we're going to now add all of these data pieces from iMIS to your Integrations Hub settings. At this stage you should now have:
Admin Username and Password
iMIS Web Service Redirect URL: https://{imisInstanceUrl}/AsiCommon/Controls/Shared/FormsAuthentication/LoginStatusRedirect.aspx
Login URL: https://{imisInstanceUrl}/OpenWaterRedirect.aspx
Membership Web Service URL: https://{imisInstanceUrl}/asicommon/services/membership/membershipwebservice.asmx?wsdl
Query Service URL: https://{imisInstanceUrl}/asicommon/services/query/queryservice.asmx?wsdl
User Info IQA Path: $/OpenWater/GetDataByUserId
25. Let's begin by giving your connector a name. This name can be whatever you'd like but we normally suggest this format: {Name of Organization} SSO {Year}
26. You now copy/paste the Login URL you saved earlier in the field located under the Name. This should be the URL for the page you created on iMIS, and it should be: https://{imisInstanceUrl}/OpenWaterRedirect.aspx
27. Under the Login URL field, click "Select Credentials" then click "Add New Credentials" from the drop-down menu:
28. You should now have a half-window open up on the right side of your screen labeled "Create New Credentials". You'll need to input the following from those previous pieces of data we saved:
Credentials Name could be anything, but we normally suggest repeating the same name you added to the Config section a few minutes ago: {Name of Organization} SSO {Year}
Your iMIS Redirect URL should be: https://{imisInstanceUrl}/AsiCommon/Controls/Shared/FormsAuthentication/LoginStatusRedirect.aspx
Your Membership Web Serivce URL: https://{imisInstanceUrl}/asicommon/services/membership/membershipwebservice.asmx?wsdl
Your Query Web Service URL: https://{imisInstanceUrl}/asicommon/services/query/queryservice.asmx?wsdl
Admin Username
Admin Password
The User Info IQA Path: $/OpenWater/GetDataByUserId
Leave the additional Query name empty
Now click "Add"
29. The "Create New Credentials" half-window will now close. Click "save" at the top of left the connector settings.
30. Located under "Save" on the top left of your screen, click the "Field Mapping" tab. You'll now see an assortment of drop-down menus, allowing you to set what user profile fields your SSO will pull from your iMIS database into OpenWater. You can add to or delete any of the fields that auto-populate for you.
Additional Tip:
The OpenWater fields should auto-populate but if you're not sure what fields are set in your OpenWater instance, you can find those here:
https://{YourOpenWaterInstanceName}.secure-platform.com/admin/organizations/main/userprofileformtemplate/preview
Your iMIS object is going to be the Query Path we set earlier: $/OpenWater/GetDataByUserId
iMIS Fields are the fields we selected within iMIS in Step 21. You can now use a dropdown to select any field you'll like.
31. Once you're done, click "Save" and then "Publish" in the top left of your screen.
32. Now go back to your "Settings" tab and copy the Begin URL
Finalize Your SSO within OpenWater Instance
33. Login to your OpenWater instance as an admin: https://{YourOpenWaterInstanceName}.secure-platform.com/admin/
34. From the dashboard settings located on the left side of your screen, scroll down to System Settings > Login Configuration
35. On this Login Configuration page, add the below settings:
Check "Allow 3rd Party Corporate Handshake Authentication"
Choose "Json Web Token" from the list
The Login URL is the Begin URL we just copied from Integrations Hub
Secret Key will be the same JWT Secret Key located in your integrations hub settings page
For your Login Button Text, we suggest: Login with {CompanyName}
Click Save
Secret Key in Integrations Hub Settings:
36. Your SSO is now complete- high-five yourself, you did it!
Testing Your New SSO
37. As with any new integration or workflow, testing is super important! Follow these steps here: https://help.getopenwater.com/en/articles/6991126-testing-a-new-sso-single-sign-on-integration