SSO Integration with Power eCard: Step-by-Step Guide for Setup

Geschätzte Lesezeit: 2 min

With Single Sign-On (SSO), your employees can log in to Power eCard securely and conveniently – using their existing company login credentials. No separate password, no additional user account required.

What is SSO – and Why Is It Useful?

SSO (Single Sign-On) allows users to log in to Power eCard using their existing login credentials from your company’s identity system – such as Microsoft ADFS, Azure Active Directory, or another identity provider.

This means no separate login credentials are needed for Power eCard.

Benefits of SSO

  • No additional password needed
  • Same login credentials as used internally
  • Central user management
  • Higher data security and access control
  • Optional automatic role assignment (e.g. Admin, Editor)

Step 1: We send you a file for integration

To begin, we’ll provide you with a metadata XML file from Power eCard. This file contains the technical details needed to connect Power eCard to your identity system (such as ADFS).

This file is usually uploaded or configured inside your identity provider’s interface.

Tip: This step is typically handled by your internal IT department or system administrator. If you don’t have access to the system, please forward the file to your IT team.

Step 2: Your system sends user data to Power eCard

During login, your system sends specific user information to Power eCard. These are called user attributes or claims. This data allows Power eCard to identify the user and assign the correct access.

Please ensure the following fields are sent with each login request:

Required fields:

  • ID (uid) → Must be unique and unchanging
  • Email address (email)
  • First name (firstname)
  • Last name (lastname)
Important: If required fields are missing or incorrectly labeled, SSO login will fail.

Optional Fields

  • Language (language) → e.g., “de” or “en”
  • Timezone (timezone) → e.g., “+2”, “-4.5”
  • Company (company)
  • City (city)
  • Country (country) → ISO ALPHA-2 code (e.g., “DE” for Germany, “US” for USA)

Optional roles

  • is_admin (bool)
  • is_editor (bool)
  • is_publisher (bool)

Optional groups

  • A list or array of group names, e.g., “Marketing”

Step 3: You provide your ADFS metadata to us

To finalize the SSO connection from our side, we’ll need some technical details from your ADFS (or another identity provider).

Please send us the following information:

  • Issuer URL → This is the unique identifier of your ADFS instance. It tells Power eCard which system is handling the login.
  • SSO URL → This is the address (endpoint) users are redirected to when logging in. It’s where the actual authentication takes place.
  • ADFS certificate(s) → These certificates are used to securely verify that the login request really comes from your ADFS system.
Tip: The easiest way to send us this information is by exporting your metadata XML file. This file typically contains all the above details in a structured and standardized format.

Step 4: Decide how you want to manage user roles

Before we finalize the integration, we need to know how you’d like to handle user permissions (e.g., Admin, Editor access):

Option 1: Manage roles via SSO

→ Roles such as is_admin or is_editor are passed from your system each time a user logs in and are automatically applied in Power eCard.

Option 2: Manage roles manually in Power eCard

→ Users log in via SSO, but you assign their roles manually in the Power eCard interface (e.g., by an administrator).

Was this article helpful?
Dislike 0
Questions? Search our knowledge base.