If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.
NOTE: IT Glue appears to accept sha1 x.509 certs. Please be aware of this. If the SSO failed and the error displayed on IT Glue states "Invalid Signature on SAML Response", follow these steps to fix it.
- Navigate to https://developers.onelogin.com/saml/online-tools/x509-certs/calculate-fingerprint.
- Open the downloaded certificate in a text editor to copy the content, then paste it into the textbox of the above link. Select SHA-1 in the Algorithm drop-down menu.
- Click the CALCULATE FINGERPRINT button.
- Copy this output to your Account > Authentication > Fingerprint field.
- Save Changes.
1. Getting Started
We first need to gather the required information needed to implement Evo as the SSO manager here. Since IT Glue uses an older SAML integration setup with a more manual process, we'll have to gather this information in a different way. Follow these steps to gather the required SAML information:
- Log into your Evo Account
- Select your Tenant ---> Integrations
- Select the generic SAML Web App
- You will be shown the information needed
Once this is complete, hit save to save these changes.
2. Testing the SSO
Now we will test to make sure this works. If it fails, do not worry, IT Glue will allow you to sign-in using your IT Glue credentials and display an error message of what went wrong to help debug the EVO SSO.
- In a new browser window, head to your IT glue environment (yourenvironment.itglue.com).
- You should now be prompted to enter your Evo Security credentials.
- Upon successfully entering your credentials, you'll be redirected back to IT Glue and signed in!
If these steps do not work, there may be two additional steps you will need to enable in order for this to complete successfully.
There’s a new portion that has been added to the ITGlue authentication page and it may be tied into how our authentication works through EVO. I’ll break it into two sections:
- Before the ITGlue integration was allowed me to do anything or make any changes on my ITGlue test account, I needed to enable MFA for my personal user. You may need to do the same on your account. This can be found under My Account > My Settings. I’ve attached a screenshot. *NOTE* - The Evo Mobile App does not accept this token. But for now, you can use any other like Google Authenticator.
2. The next option we must select is under Account > Authentication. It’s the new “Require MFA for access to this account” checkbox. Make sure that is enabled. I’ve attached a screenshot.