Using company single sign-on integration


Red Hat Customer Portal 1

Using company single sign-on credentials to access your Red Hat account

Red Hat Customer Content Services

Abstract

This guide explains how to use your company single sign-on credentials to access a Red Hat account.

Preface

The company SSO integration feature allows you to log in to your Red Hat account by using your company login credentials instead of your Red Hat account credentials.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

Chapter 1. The company single sign-on feature

The company SSO feature integrates your company SSO with Red Hat SSO. This integration allows existing Red Hat users to authenticate to Red Hat with their company SSO credentials.

Note

Company single sign-on is not a self-service feature. Contact your Red Hat account team to learn more about how to enable this service for your company.

1.1. What is company single sign-on?

Company single sign-on is an integration between the Red Hat single sign-on system and your organization’s identity provider (IdP). This type of integration is commonly known as “3rd party IdP” or “federated IdP.” It enables users in your organization with existing Red Hat logins to sign into Red Hat services and applications that use sso.redhat.com for authentication, such as Customer Portal, Hybrid Cloud Console, and training-lms.redhat.com using their company SSO login credentials - the same credentials they use to access their company’s internal apps and resources. Any Red Hat website, app, or service using sso.redhat.com for authentication is accessible through company single sign-on integration.

1.2. Benefits of the Red Hat company single sign-on integration

Organization Administrators can use this feature for compliance and security reasons because authentication security protocols for Red Hat services can be managed directly by the organization by means of the authentication requirements of its own single sign-on system. Using the company single sign-on feature provides a better authentication user experience for end users. End users themselves can maintain one less set of login credentials.

Currently, company single sign-on integration has the following scope:

  • Link one company IdP with one Red Hat organization account.
  • Link one company user identity with one Red Hat user identity.
  • Use corporate SSO/IdP to authenticate to the Red Hat Customer Portal or any Red Hat application with a web-based authentication flow which uses sso.redhat.com.
  • OpenID Connect (OIDC) is supported.
  • Security Assertion Markup Language (SAML) is supported.

1.3. Limitations of the Red Hat company single sign-on integration

Some Red Hat services are not compatible with single sign-on integration. This means that you can revoke a user’s corporate IdP credentials, but the username and password can still be used to authenticate to some Red Hat services. To completely remove a user’s access to all Red Hat services, you must use the user management tool to deactivate the user account. A deactivated account can no longer be used to access Red Hat services.

User management is available by clicking your account avatar to open the account information page. You must be an Organization Administrator to use the user management tools.

Users must be created through currently supported methods to take advantage of company single sign-on integration. Company single sign-on integration does not support auto-registration of users.

Users without accounts in the customer IdP will not be able to authenticate. For example, this can affect vendor relationships where today the vendor user has a Red Hat login within the customer’s Red Hat company account. Once company single sign-on is enabled, if the customer is not willing or able to allow the vendor user to have an account in the customer IdP, the vendor user will no longer be able to log in.

Chapter 2. Using the Red Hat company single sign-on feature

You can use your company single sign-on to login to your Red Hat account.

Note

If your corporate Red Hat account is not set up to use company single sign-on, you can use your Red Hat account with your Red Hat login and password.

2.1. Logging in to your Red Hat account with company single sign-on

The following procedures describe different ways to log in to your Red Hat account depending on how your company single sign-on integration is set up.

Note

If you previously used a social login to log in to your Red Hat account, you will see an error message when company single sign-on (SSO) is enabled for your organization. A message appears on your Red Hat account screen:

Log in with company single sign-on.
Company single sign-on is required to access your account.

Click the link Log in with company single sign-on. to continue.

Because Red Hat provides multiple starting points to log in to your account, for consistency the following login procedures all begin at access.redhat.com.

2.2. Logging in when company SSO integration is not enabled

Use your email or your Red Hat login to log in your Red Hat account when it is not set up to use company single sign-on (SSO) integration. This is the default instance.

Prerequisites

  • You have a registered Red Hat user account.
  • Your Red Hat company account is not set up to use company SSO integration.

Procedure

  1. Use your browser to navigate to access.redhat.com
  2. Enter your email or your Red Hat login.
  3. Enter your Red Hat password.

Verification

After a successful login, the avatar that is associated with your user account appears in the navigation bar in place of the login icon. Click the avatar for additional account information.

2.3. Linking your Red Hat account to your company SSO user

Use your email or your Red Hat login to log in your Red Hat account when it is enabled to use company single sign-on (SSO) integration. The first time you log in, you must link your Red Hat account to your company SSO account.

Prerequisites

  • You have a registered Red Hat user account.
  • Your company account is set up to use company SSO integration.
  • Your Red Hat user account is not yet linked to your company SSO user.
Note

This procedure is only required the first time that you authenticate, which is when Red Hat initially detects that your Red Hat company account has single sign-on (SSO) integration enabled.

Procedure

  1. Use your browser to navigate to access.redhat.com
  2. Enter your Red Hat login or email registered to your Red Hat account.
    Your company single sign-on login appears.
  3. Enter your company username and password credentials.
    A message appears for the next step, One-time account linking required.
  4. Enter your Red Hat account password.
  5. Click the Link account button.

Verification

After a successful login, the avatar that is associated with your user account appears in the navigation bar in place of the login icon. Click the avatar for additional account information.

Note

If the linking action fails, check that the Red Hat login and password are correct and are associated with the corporate account connected to your company SSO.

2.4. Logging in with a company SSO user account

Use your email or your Red Hat login to log in to your Red Hat account when it is enabled to use company single sign-on (SSO) integration.

Prerequisites

  • You have a registered Red Hat user account.
  • Your Red Hat company account is set up to use company SSO integration.

Procedure

  1. Use your browser to navigate to access.redhat.com
  2. Enter your Red Hat login or email registered to your Red Hat account.
    The company SSO login page appears.
  3. Enter your company username and password credentials.
    This is the same information you use to log in to your company network, which also provides access to your Red Hat account.

Verification

After a successful login, the avatar that is associated with your user account appears in the navigation bar in place of the login icon. Click the avatar for additional account information.

2.5. Logging in when an email is used with company SSO and non-SSO accounts

Use a single email to log in to Red Hat user accounts that include accounts that use company SSO integration and accounts that do not.

Red Hat allows a single email to be associated with more than one account. However, each Red Hat login must be unique. When a single email is used with multiple user accounts, some user accounts might be associated with a company SSO integration and others might not.

The Red Hat login determines which login access method is provided.

Prerequisites

  • You have an email registered with more than one Red Hat user account.
  • One account (or more) has company SSO integration enabled.
  • One account (or more) does not have SSO integration enabled.

Procedure

  1. Use your browser to navigate to sso.redhat.com
  2. Enter the email registered to your Red Hat account.

    Note

    To choose whether company single sign-on or Red Hat account is your login method when the login page appears, select either of the following steps.

  3. To choose company single sign-on login method, click the company single sign-on .

    1. A company single sign-on page appears.
    2. Enter the username and password associated with your company single sign-on.
  4. To choose a Red Hat non-SSO login method, click the Red Hat account button.

    1. A Red Hat login page appears.
    2. Enter the password associated with your Red Hat user account.

Verification

After a successful login, the avatar that is associated with your user account appears in the navigation bar in place of the login icon. Click the avatar for additional account information.

2.6. Logging in when email is used on multiple SSO accounts

You can use one email for multiple accounts. When you do so, you must use your login and not your email to log in to your account.

Prerequisites

  • You have more than one registered Red Hat user account associated with a single email, and these user accounts span different Red Hat company accounts.
  • Your Red Hat company accounts are set up to use company SSO integration and those company accounts use different identity providers.

Procedure

  1. Use your browser to navigate to access.redhat.com
  2. Enter your Red Hat email registered to your Red Hat accounts.
    An information panel appears

    Email address associated with multiple logins
    To access your account, use your login instead.
  3. Enter the login registered to the account you wish to use.
    The customer SSO login page appears for the selected login.
  4. Enter your company username and password credentials.

Verification

After a successful login, the avatar that is associated with your user account appears in the navigation bar in place of the login icon. Click the avatar for additional account information.

Chapter 3. Reference

Table 3.1. Terms and definitions
TermDefinition

Federated identity

An electronic identity linked across multiple distinct identity management systems. See the Wikipedia Federated identity reference.

IdP

Identity provider. See the Wikipedia Identity provider reference.

SSO

Single sign-on. True single sign-on allows the user to log in once and access services without re-entering authentication factors. See the Wikipedia Single_sign-on reference.

Legal Notice

Copyright © 2024 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.