FuseWorks offers single sign-on via OpenId integration with Practice Protect. This providers a seamless login experience to FuseDocs & FuseWorks, including the desktop app.
Practice Protect will configure this on your behalf with FuseWorks. Please send us an email at email@example.com
Prerequisites for FuseWorks SSO
- Administrator Access in Practice Protect
- List of All Users in FuseWorks
1. Login to Practice Protect and switch to Admin portal.
2. Go to Roles > Add Role > Under Description, enter the name of the Role on the Name field i.e. “FuseWorks Users” or skip if existing role exits.
3. Click on Members > Click Add > Add all FuseWork users and Click Save. All users must be added, otherwise they wont be able to access FuseWorks.
4. Click Save and Close the Role.
5. Now Go to Apps > Web Apps > Click on Add Web Apps > Go to Custom > Select OpenID Connect then click Add.
6. Click Yes to add.
7. Close out of the Add section.
8. Set the following fields:
Application ID: FuseWorks
Description: FuseWorks SSO
9. Right Click on the below FuseWorks Icon and Save to your desktop.
10. Click Browse next to the logo and select the downloaded image from step 9.
Confirm the Icon is showing and click Save.
11.Generate a Client Secret Password here.
Select, Numbers, Lowercase and Uppercase and set Length to 16. Then click Generate.
Copy the Password
12. Go to Trust, Paste the Generated Password in the Client Secret field.
13.Go down to Service Provider Configuration and set it to “https://app.fuse.work”
14. Under Authorized Redirect URIs click Add.
15. Add the following URL “https://fuseexternal.azurewebsites.net/api/Session/OIDCCallback”
16.Repeat and Add the following URL “https://fusewebapi.azurewebsites.net/api/Session/OIDCCallback”
17. Confirm both URLs are showing. Then click Save
18. Go to Tokens. Ticket “issue refresh tokens”. Leave all other settings.
19. Scroll down to custom login and look for the following line. “var email = LoginUser.Email;”
Update this to “var email = LoginUser.Username;”
As below and click Save
If the Script is missing you can use the below: (Copy and Paste)
// Claims “email” & “email_verified” will only be set
// if “email” is specified in scope.
var email = LoginUser.Username;
if (email && email != ‘unset’)
20. Go to Permissions and click Add.
21. Search for the role created in step 2, tick the Role and Add.
22. Click Save.
23. Go back to Trust. Note down the Client ID, Client Secret and Metadata URL.
24. Open your email client and create a new email to: firstname.lastname@example.org with the details below:
Subject: Practice Protect SSO Request
Hi FuseWorks Support,
We have configured FuseWorks for SSO in Practice Protect. Please see configureation details below:
Client ID: (from step 23)
Client Secret: (from step 23)
Metadata URL: (from step 23)
25. Once FuseWorks Confirms. You may now test login.