To configure Zuora in the Single Sign On Manager please follow these steps
- Select Directory Manager.
- Select Groups.
- Select the green plus sign in the bottom right corner.
- Name the Group Zuora Users.
Note: If you have other existing Groups for SSO users you can use one of these as well. - Select ADD GROUP.
- Select SSO Manager.
- Select the green plus sign in the bottom right corner.
- Select the Catalog Icon.
- Select Zuora from catalog.
- Select Application is Enabled.
- Select Add Application.
- Select Permissions.
- Select Add Groups.
Select the Group you chose in Step 4. - Select Save Changes.
Configuring Zuora
- To enable SSO for your Zuora account, you must first open a support ticket with Zuora to enable the feature.
- Add the Zuora app from the SSO catalog inside of AuthAnvil On Demand. Update the URLs based on the information provided by Zuora support.
- On the Protocol tab, access the Federation Metadata, to provide to Zuora support.
- On the Signing & Envcryption tab, download the SAML Certificate, to provider to Zuora support.
- Provider Zuora with your logout URL (https://{homerealm}.my.authanvil.com/apps, for example), as the Federation Metadata from the app.
- Zuora support will contact you once the configuration is updated on the Zuora side.
- SSO must be enabled on a per-user basis inside of Zuora. Once you have given a user permission for SSO in AuthAnvil On Demand, follow these steps to enable a User for SSO:
- Log into the Zuora application as a tenant admin, and browse to Settings > Administration Settings > Manage Users.
- In the user list, click the user for whom you want enable SSO.
- In the user's Basic Information section, select the SSO SAML Enabled field.
- In the Federated ID field, enter the unique SSO federated ID of this user. Federated IDs must be in an email format, i.e., username@domain.com.
- Click Save.
Additional information can be found here: https://knowledgecenter.zuora.com/CF_Users_and_Administrators/A_Administrator_Settings/Configure_Single_Sign-On_for_Zuora