This document provides instructions to integrate PURELYHR with UPSSO based on SAML protocol.

PREREQUISITES

  1. Administrator access to the PURELYHR portal.

  2. Administrator access to UPSSO portal.

CONFIGURING PURELYHR APPLICATION IN UPSSO

  1. Login into the UPSSO portal as an administrator.

  2. Click on the “Application Management” menu and then click new record button and select SAML application as highlighted below.

3. Click on the PURELYHR application icon.

4. Enter the PURELYHR URL of your company .Click on the Save button.

5. The PURELYHR icon will appear under the Application menu item.

DOWNLOADING THE IDP CERTIFICATE

  1. Click on the “IDP Resources” link and then “DOWNLOAD IDP CERTIFICATE” button.

2. A file named “server.crt” will be downloaded. Keep this file as we need this later.

CONFIGURING UPSSO SAML IN PURELYHR

  1. Login into the PurelyHR application as an administrator user.

  2. Click on the icon(Account Dashboard) shown in the below image.

3. Click on SSO Settings.

4. Enter your IDP SAML configuration details.

X.509 Certificate : The IDP certificate

IdP Issuer Url : https://<UPSSO_SERVER_HOST>/upsso/get-idp-metadata

IdP Endpoint Url : https://<UPSSO_SERVER_HOST>/upsso/upsso-service

Logout Url : https://<UPSSO_SERVER_HOST>/upsso/logout

5. Click on SAVE Changes.

TESTING THE INTEGRATION

  1. Make sure to logout from PurelyHR .

  2. Login into the UPSSO portal as a user having the same email address as a PurelyHR user.

  3. Click on the PurelyHR icon as shown below.

4. Select the OTP method and enter the OTP and click on the Verify button

5. User will be able to access the PurelyHR application.

BYPASS SSO URL

  1. The administrators can bypass the SSO by accessing the PurelyHR URL https://<YOUR_PURELYHR_DOMAIN>/staff

  2. Only the administrator can access the above URL.

  3. The Non-Admin users can only login through SSO