1. Home
  2. Applications
  3. CaseWare
  4. Enable SSO for CaseWare

Enable SSO for CaseWare

Purpose

CaseWare offers single sign-on via OpenId integration with Practice Protect. This providers a seamless login experience to CaseWare Cloud, including the desktop app.

Practice Protect will configure this on your behalf. Please send us an email at support@practiceprotect.com

Prerequisites for CaseWare SSO

Instructions

1. Login to Practice Protect and switch to Admin portal.

2. Go to Roles > Add Role > Under Description, enter the name of the Role on the Name field i.e. “CaseWare Users” or skip if existing role exits.

3. Click on Members > Click Add > Add all CaseWare users and Click Save. All users must be added, otherwise they wont be able to access CaseWare.

4. Click Save and Close the Role.

5. Now Go to Apps > Web Apps > Click on Add Web Apps > Go to Custom > Select OpenID Connect then click Add.

6. Click Yes to add.

7. Close out of the Add section.

8. Set the following fields:

Application ID: CaseWare

Name: CaseWare

Description: CaseWare SSO

Click Save

9. Right Click on the below CaseWare Icon and Save to your desktop.

____________

10. asdsada

11.Generate a Client Secret Password here.

Select, Numbers, Lowercase and Uppercase and set Length to 16. Then click Generate.

Copy the Password

12. Go to Trust, Paste the Generated Password in the Client Secret field. Paste the Client Secret.

13. Click Save.

14.Note down the Client ID, Client Secret and Metadata URL.

14. In a separate browser tab, login to CaseWare Cloud Portal (As Administrator).

(Confirm MFA and Password Expiry is Disabled Before Continuing)

15. From the Cloud menu, select Settings.

16. Select System | Cloud Billing.

17. Select the link to Go to MyCaseWare.

18. Select Licenses from the top menu.

19. Under your license information, select Site Details.

20. Select Activate Single SignOn at the bottom of the Site Details page.

21. From the Cloud menu (), select Settings | Single Sign-On | Identity Provider.

22. On the Identity Provider page, complete the following fields:

Identity provider display name: Practice Protect

Identity provider metadata endpoint: (From Step 14)

Client ID: (From Step 14)

Client secret: (From Step 14)

23. Click Save. Your reply URL will now display.

24. Select the Copy to Clipboard button to copy your reply URL

25. Go back to the Practice Protect App screen.

26. Under Authorized Redirect URIs click Add.

27. Paste the URL from step 24.

28. Under Resource application URL. Add the firms CaseWare Login URL. “https://au.casewarecloud.com/firmname”

29. Confirm both URLs are set and click Save.

30. Go to Tokens

31. Scroll down in the Claims script and replace the default script with the below custom claims. Click Save.

setIssuer(Issuer);
setClaim(‘name’, LoginUser.DisplayName);
setClaim(‘given_name’, LoginUser.FirstName);
setClaim(‘family_name’, LoginUser.LastName);
setClaim(’email’, LoginUser.Email);

32. Go to Permissions

33. Click Add, find the Role created in Step 3 and add it. Then Save.

34. Test SSO by going to your Firms login Page. Click Go to Single Sign-On, the first time will link your account. Once linked you can only sign-in with SSO.

35. Repeat step 34 for all staff.

36. If you require to disable SSO, you must log a support request with CaseWare.

Updated on March 1, 2021