Setting Up RUCKUS One Login Access for SSO Group

RUCKUS One has an enhanced administrative feature that allows SSO users to log into RUCKUS One. In this method, users authenticated using Azure Active Directory (AD) are automatically provisioned according to the group in which they are members. This bypasses the need to directly add an individual administrator in RUCKUS One. You need to create an SSO Group by specifying the Object ID of the group defined in the AD, and assigning an RBAC role for the group. The individual users that belong to the specified group in the AD inherit the role assigned to the SSO Group and can use the AD credentials to seamlessly log into RUCKUS One.

Following are the high-level steps to configure and enable AD-defined SSO users to log into RUCKUS One:
  1. Set up SSO and define the allowed domains for user authentication. Refer to step 1 through step 5 in Setting Up SSO with a 3rd Party Provider.
  2. Add and manage an SSO Group. Refer to Adding and Managing an SSO Group.
  3. Log in using the SSO option. Refer to Logging In Using the SSO Option.

Logging In Using the SSO Option

After setting up the SSO and creating the SSO Groups, the user who is a member of the SSO Group can log into RUCKUS One using SSO with their Email address. The user will be redirected to the Active Directory where the user can use the AD credentials to seamlessly log into RUCKUS One after successful SSO authentication.

Note: Only the users who belong to a domain which is included in the Allowed Domain list can access RUCKUS One. Users in the same SSO Group with a different domain that is not added to the Allowed Domains list will not be authenticated. For more information, refer to Setting Up SSO with a 3rd Party Provider.