Steps to Enable SSO for the W Energy application (on-prem)

1. In Azure, set Identifier (Entity ID) to the W-energy app domain.

   • Example: client.wenergysoftware.com

2. Set the Reply URL to the W app sign-in URL.

   • Example: https://client.wenergysoftware.com/users/sign_in

3. On the W app server, there should be a idp.yml.sample file in /srv/www/apps/revenue_accounting/config. Copy this file and name it idp.yml.

4. edit idp.yml and make these changes:

   • set the first line to production (from development)

   • set the assertion_consumer_service_url to your W-energy app login URL

     1. example: https://client.wenergysoftware.com/users/sign_in

   • set issuer to the W-Energy app domain

     1. example: client.wenergysoftware.com

   • Set idp_sso_target_url to URL in the Metadata XML section under SingleSignOnService

   • replace the certificate with one provided by Azure

5. Edit /etc/revenue_accounting/config.yml and add top-level config:

   1. CODE

      authentication_mode: saml

6. Create /srv/www/apps/revenue_accounting/config/attribute-map.yml with the following contents. note: this maps the email from the SAML request to the user’s email in the W app.

   1. CODE

      "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress": "email"

7. Restart services

Additional notes:

To troubleshoot SSO issues, you could enable verbose SSO logging by editing /etc/revenue_accounting/config.yml and under the features block add:

sso_verbose_logging: true

This will then log SSO activity to the production log in /srv/www/apps/revenue_accounting/log/

If you need additional assistance, please log a support ticket through the Customer Portal.

https://wenergysoftware.atlassian.net/servicedesk/customer/portal/5

If you do not have a portal account, please reach out to support@wenergysoftware.com and we’ll get one created for you. Thank you!