This procedure describes the login process to Movilitas Mobile through Single Sign-On (SSO).

Log in to Movilitas Mobile to perform scanning activities on the sites.

List of Procedures

• Standard SSO Login to Movilitas Mobile Web
• SSO Re-Login after Logout on Movilitas Mobile Web
• Standard SSO Login to Movilitas Mobile Installed (Native) Application
• SSO Re-Login after Logout on Movilitas Mobile Installed (Native) Application

Standard SSO Login to Movilitas Mobile Web

The procedure below describes the standard SSO login procedure.

Before You Begin

Make sure that your user is registered in the Identity Provider used for SSO and in Movilitas.Cloud.

Single Sign-On must be set up on the tenant in Movilitas.Cloud that you want to access.

Procedure

1. Open the URL that allows you to log in to Movilitas Mobile Web through SSO.

If you are logged in to the Identity Provider (Keycloak), you are immediately logged in to Movilitas.Cloud. You land on the Movilitas Mobile Dashboard page, where you can select the tenant or, if the tenant is already chosen, the application where you want to scan.

If you are not logged in to the Identity Provider, Movilitas.Cloud redirects you to the Identity Provider login page.

If the SSO identifier is invalid or the SSO is turned off on the tenant, Movilitas.Cloud returns the following error message: Please enable SSO or update SSO settings on tenant to continue with authentication.

2. If you are not logged in to the Identity Provider, enter your email and password on the Identity Provider login page, and sign in.

If the given credentials are correct and your user exists in Movilitas.Cloud, you are immediately logged in to Movilitas.Cloud. You land on the Movilitas Mobile Dashboard page, where you can select the tenant or, if the tenant is already chosen, the application where you want to scan.

However, certain situations can lead to an error:

• If too much time passes before the successful authentication, the request fails and Movilitas.Cloud returns an error message: Invalid or expired request.
• If your user is not active in Movilitas.Cloud, Movilitas.Cloud returns an error message: Authentication failed. Your account is not active.
• If the client secret given in the SSO settings is not correct, Movilitas.Cloud returns the following error message: Problem getting token from Identity Provider. Please check SSO settings under tenant settings.
• If the given credentials are correct, but your user does not exist in Movilitas.Cloud, Movilitas.Cloud returns an error message: User doesn’t exist.
  • An administrator of the target tenant in Movilitas.Cloud shall add your user (email address) to the tenant in Movilitas.Cloud.

If the given credentials are incorrect, an authentication error occurs on the Identity Provider login page.

Next Steps

Select your tenant. For more information, see Selecting a Tenant in Movilitas Mobile.

After selecting the tenant, select the application and perform scanning operations.

Back to the list of procedures

SSO Re-Login after Logout on Movilitas Mobile Web

The procedure below describes the scenario when you logged out of Movilitas.Cloud and you want to log in again on the SSO login page.

Procedure

1. Click Login on the SSO login page.

Example:

You are logged in through SSO again unless you are logged out of the Identity Provider. If you cannot log in through SSO, you are redirected to the Identity Provider login page.

Once logged in, you are redirected to the Dashboard.

Alternative link on the SSO login page:

• Not an SSO User? Click here to login with normal credentials. - Not applicable to an SSO user. Moreover, an SSO user cannot log in through the standard way.

Back to the list of procedures

Standard SSO Login to Movilitas Mobile Installed (Native) Application

Before You Begin

Make sure that the one-time SSO setup is performed in the application. For more information, see Setting Up SSO in the Movilitas Mobile Application Installed on a Device.

Procedure

1. Open the mobile application.

The application displays the login page with the Log In Using SSO button.

Example (Android):

2. Select Log In Using SSO.

If you are logged in to the Identity Provider (Keycloak), you are logged in to Movilitas.Cloud.

• For iOS devices, an intermediate page is displayed informing you that the authentication succeeded, and the Go back to app button is available to proceed.
• You land on the Movilitas Mobile Dashboard page, where you can select the tenant or, if the tenant is already chosen, the application where you want to scan.

If you are not logged in to the Identity Provider (Keycloak), Movilitas.Cloud redirects you to the Identity Provider login page.

If the SSO identifier is invalid or the SSO is turned off on the tenant, Movilitas.Cloud returns the following error message: Please enable SSO or update SSO settings on tenant to continue with authentication.

3. If you are not logged in to the Identity Provider (Keycloak), enter your email and password on the Identity Provider login page, and sign in.

If the given credentials are correct and your user exists in Movilitas.Cloud, you are logged in to Movilitas.Cloud.

• For iOS devices, an intermediate page is displayed informing you that the authentication succeeded, and the Go back to app button is available to proceed.
• You land on the Movilitas Mobile Dashboard page, where you can select the tenant or, if the tenant is already chosen, the application where you want to scan.

However, certain situations can lead to an error:

• If too much time passes before the successful authentication, the request fails and Movilitas.Cloud returns an error message: Invalid or expired request.
• If your user is not active in Movilitas.Cloud, Movilitas.Cloud returns an error message: Authentication failed. Your account is not active.
• If the client secret given in the SSO settings is not correct, Movilitas.Cloud returns the following error message: Problem getting token from Identity Provider. Please check SSO settings under tenant settings.
• If the given credentials are correct, but your user does not exist in Movilitas.Cloud, Movilitas.Cloud returns an error message: User doesn’t exist.
  • An administrator of the target tenant in Movilitas.Cloud shall add your user (email address) to the tenant in Movilitas.Cloud.

If the given credentials are incorrect, an authentication error occurs on the Identity Provider login page.

Back to the list of procedures

SSO Re-Login after Logout on Movilitas Mobile Installed (Native) Application

Procedure

1. Select Log In Using SSO.

Example (Android):

You are logged in through SSO again unless you are logged out of the Identity Provider. If you cannot log in through SSO, you are redirected to the Identity Provider login page.

Once logged in, you land on Movilitas Mobile Dashboard on the previously selected tenant.

• For iOS devices, an intermediate page is displayed informing you that the authentication succeeded, and the Go back to app button is available to proceed.

Back to the list of procedures