Migrating to Alohi SSO if you have already manually activated a third-party SSO on your Fax.Plus account.

If you are a Fax.Plus user who currently integrates Single Sign-On (SSO) through a third-party SSO provider, this guide will assist you in transitioning to the new Alohi SSO application.

This migration to the Alohi SSO is seamless, keeps the users managed via SCIM integration, and works for both Fax.Plus and Sign.Plus platforms, enhancing both security and efficiency.

Step 1: Add the new Alohi Application

• Sign in to your Identity Provider admin portal (GSuite, OneLogin, etc).
• Find a way to add a new manual integration, call it “Alohi” and set the icon accordingly.
• You will need to specify:
  • • https://sso.alohi.com/metadata as the Entity ID / ACS Validator URL
    • https://sso.alohi.com/login as the ACS URL
• After configuring the integration, find and copy the following information:
  • • Single Sign On URL
    • Issuer / Entity ID
    • Signing Certificate / X.509 Certificate

Step 2: Update the SSO configuration from the Fax.Plus dashboard

• Login to your Fax.Plus account, and go to the Profile section on your Dashboard.
• Find the tab for Security in your Admin profile, and look for the box for Company-Wide Settings.
• To the right of Single Sign-On (SSO), click on Configure.
• Replace the existing SSO configuration in Fax.Plus with the new Entity ID, Reply URL, and Certificate.
  • • Fill in the Single Sign-On URL section with the new Single Sign On URL from the previous step.
    • Fill in the Entity ID with the Entity ID from the previous step.
    • Add the Signing Certificate in the section X.509 Certificate.
• Select “Alohi SSO” as the SSO Type.
• Finally, press Next.

Step 3: Set Up Automatic User Provisioning

• On the next screen, ensure “Automatically add new users to Fax.Plus” is checked in so that the users you assign via Azure are automatically created on Fax.Plus.
  • • Users can also be added to Sign.Plus accordingly, if you use our eSignature solution.
    • You can keep the Tenant URL and SCIM Token ready to copy, as they will be needed on the next step.
• Back on your identity provider’s configuration panel, locate where to add provisioning settings.
• You can add the Tenant URL specified above (https://sso.alohi.com/scim/v2) and the Authentification header as Bearer <Your SCIM Token>.

Step 4: If your SSO provider does not support SCIM

If your Identity Provider does not support automatic user provisioning (SCIM), please follow these steps to manually invite users:

1. Log in to Fax.Plus account as the Owner or an Admin and go to the Users tab.
2. Click on Invite New User in the top-right corner.
3. Enter the user’s email address.

   Tip: To invite multiple users at the same time, enter the email addresses separated by a comma.

4. Click on Confirm.
5. The new user accounts will be created, and the invited users can now log in using your SSO provider.

   Note: Existing active users will not be affected and can continue logging in via your SSO provider.

   Newly added users will initially see their email address displayed as their name in Fax.Plus settings. Users can change this by clicking on Edit at the top-right of the General section.

Step 5: Remove the legacy application

• Once you confirm that SSO and automatic user provisioning are functioning correctly, you can safely remove the old FAX.PLUS integration from your integrations.