1. Home
  2. Applications
  3. CaseWare
  4. Enable SSO for CaseWare

Enable SSO for CaseWare

Purpose

CaseWare offers single sign-on via OpenId integration with Practice Protect. This provides a seamless login experience to CaseWare Cloud, including the desktop app.

Practice Protect will configure this on your behalf. Please send us an email at support@practiceprotect.com

Prerequisites for CaseWare SSO

Instructions

  1. Login to your Practice Protect and switch to the Admin portal (ex. mydomain.id.cyberark.cloud)
  2. On Core Services, Click on Roles > Add Roles. Create a role and set the name field to CaseWare SSO Users. Then Save.
  3. With the created role, click on Members Add. Add each user that will have access to the app. Then Save.
  4. From the Apps & Widgets, go to the Web Apps section. Then, choose Custom and select OpenID Connect. Click Add
  5. Click Yes to add.
  6. The application that you just added opens to the Settings page. Set the following details:
    • Application ID: CaseWare
    • Name: CaseWare SSO
  7. You can use the logo below as the icon for the app. Right-click and save the image as.

  8. Hit Save.
  9. Generate Client Secret using the Password Generator. Set it to 16 characters, combining Uppercase, Lowercase, and Numbers. Don’t include symbols in the generated password
  10. Copy it.
  11. Return to the CaseWare SSO app in Practice Protect. Go to Trust and paste the password in the Client Secret Field.
  12. Hit Save.
  13.  Copy the Client ID and Metadata URL.
  14. Login to the CaseWare Cloud Portal with the admin account. (Confirm MFA and Password Expiry is Disabled Before Continuing)
  15. From the Cloud menu, go to Settings >  Single Sign-On > Identity Provider. If this option is not available. please reach out to CaseWare SSO Support  (support.au@caseware.com)
  16. On the Identity Provider page, complete the following fields:
    • Identity Provider Name: Practice Protect
    • Identity Provider metadata endpoint: Paste the Metadata URL copied from Step 13
    • Client ID:  Paste the Client ID copied from Step 13
    • Client Secret: Paste the Client Secret generated from Step 9
  17. Click Save.
  18. Copy the Reply URL Keep this as we will use it in the next steps.
  19. Return to Practice Protec CaseWare SSO app. Go to Trust. Under Service Provider Configuration, set the Relying Party application URL field with the below
    • https://au.casewarecloud.com/firmname – change firm name to company domain

      NOTE: If you’re unsure of the URL, get the URL by signing in to my.caseware.com > Cloud Licenses > Website URL
  20. Under Authorized redirect URIs, Click Add and paste the Reply URL copied from Step 18
  21. Make sure that Enable full URL match is not ticked.
  22. Click Save.
  23. Proceed to Tokens. Scroll down and replace the default script with the below custom claims. Click Save.

    setIssuer(Issuer);
    setClaim(‘name’, LoginUser.DisplayName);
    setClaim(‘given_name’, LoginUser.FirstName);
    setClaim(‘family_name’, LoginUser.LastName);
    setClaim(’email’, LoginUser.Email);

  24. Go to Permissions. Add the role we created in an earlier step to the permissions page (e.g. CaseWare SSO Users) and click Save.
  25. Test SSO by going to the Caseware Login Page. Click Go to Single Sign-On, the first time will link your account. Once linked you can only sign in with SSO.
  26. The SSO Integration is now completed. Note: If you require to disable SSO, you must log a support request through CaseWare Support.

Updated on August 29, 2024
Need Support?
Can't find the answer you're looking for?
Contact Support