SSO (Single Sign On) for Jedox On-Premises
Instead of using a simple LDAP authentication, it is possible to use integrated Windows Authentication, also known as Active Directory Single Sign On (AD SSO). Jedox natively supports SSO with AD. For authentication, newer versions of Windows use Kerberos per default. Older versions of Windows used NTLM.
For details on setting up Azure Active Directory single sign-on (SSO) integration with Jedox, see this tutorial from Microsoft.
Users who are logged in to the Microsoft Windows system are connected directly with the Jedox OLAP (In-Memory DB) server without further login prompts.
To use Single Sign On, an Active Directory (AD) environment is mandatory. If the Jedox OLAP server and the AD are not running in the same domain, it may be necessary to set the Service Principal Name (SPN).
The Jedox installation must be configured for the 1) server's operating system and 2) the desired SSO mode, and then 3) client must also be configured. These steps are outlined in the articles linked below:
Step 1: configure Jedox OLAP server Windows / Linux
Step 2: configure SSO Mode authorization mode / authentication mode
Step 3: configure Jedox clients Excel Add-in / Jedox Web browser client
If you’ve scaled or clustered Jedox, further configurations are necessary. See SSO Technical Information for more information.
Manual login option
When SSO or SAML is configured, some users (e.g. admins) need to manually log in, bypassing SSO and SAML. To do so, simply add the flag ?nosso to the login URL for Jedox web, e.g.
https://<serveraddress>/ui/login/?nosso
Updated June 5, 2023