SSO (Single Sign On) for Jedox On-Premises

Instead of using a simple LDAP authentication, it is possible to use integrated Windows Authentication, also known as Active Directory Single Sign On (AD SSO). Jedox natively supports SSO with AD. For authentication, newer versions of Windows use Kerberos per default. Older versions of Windows used NTLM.

For details on setting up Azure Active Directory single sign-on (SSO) integration with Jedox, see this tutorial from Microsoft.

Users who are logged in to the Microsoft Windows system are connected directly with the Jedox OLAP (In-Memory DB) server without further login prompts.

To use Single Sign On, an Active Directory (AD) environment is mandatory. If the Jedox OLAP server and the AD are not running in the same domain, it may be necessary to set the Service Principal Name (SPN).

The Jedox installation must be configured for the 1) server's operating system and 2) the desired SSO mode, and then 3) client must also be configured. These steps are outlined in the articles linked below:

Step 1: configure Jedox OLAP server Windows / Linux

Step 2: configure SSO Mode authorization mode / authentication mode

Step 3: configure Jedox clients Excel Add-in / Jedox Web browser client

If you’ve scaled or clustered Jedox, further configurations are necessary. See SSO Technical Information for more information.

Manual login option

When SSO or SAML is configured, some users (e.g. admins) need to manually log in, bypassing SSO and SAML. To do so, simply add the flag ?nosso to the login URL for Jedox web, e.g.

https://<serveraddress>/ui/login/?nosso

Updated June 5, 2023