Login Authentication v5.0.0

For versions:5.0.0

Click ‘Download’ button to show summary or download as PDF for offline viewing.

Login Authentication

Authentication is the process whereby users login to 3Dolphins application. 3Dolphins offers three methods of authentication :

  1. Two-Factor Authentication
  2. Single Sign-On (SSO) Authentication
  3. Lightweight Directory Access Protocol (LDAP) Authentication

Feature and Functionality

Two-Factor Authentication

The best way to secure your accounts is two-factor authentication, or 2FA. This a process that gives web services secondary access to the account owner (you) in order to verify a login attempt. To be able login to 3Dolphins using authentication, this involves a email address.

This is how it works : when you login to a 3Dolphins application, you use your email address to verify your identity by typing in a one-time password (OTP) sent to your email message.


Login Authentication

  • Open the Web Browser on the computer. For the use of web browsers it is better to use Google Chrome and Mozilla Firefox.
  • Enter the URL address in the web browser.
  • In the login page of 3Dolphins SRM system, you can login as an ‘Administrator’ / ‘Supervisor’ / ‘Agent’ / ‘Quality Assurance’ / ‘Trainer’.
  • Type your Username (your email address) and Password‘ in the column provided.
    Note : Password is a combination of capital letters, lowercase letters, numbers, and symbols. Please use a valid email address to receive otp to your email address.
  • Click the ‘Sign In‘ button.

  • Then, OTP for login authentication will be sent to your e-mail message such as below.

  • If you don’t receive the OTP for login authentication, click the ‘Resend Otp‘ button, and the new OTP for login authentication will be sent to your e-mail message. But, if you receive the OTP, enter the code has been sent to your e-mail message and you can tick ‘Trust This device‘. When you make your computer as a trusted device, you won’t need to enter a OTP each time you try to access 3Dolphins system.

  • If login is successfully, you will see a dashboard page, such as images below.

Single Sign-On (SSO) Authentication

Single sign-on is used to authenticate users against a third-party identity provider (IDP) to pass authorization credentials to service providers (SP). You can enable SAML for your domain using a provider such as Microsoft Active Directory Federation, Okta, Onelogin, Oracle Identity Federation, or others. Using SAML, the IDP manages all credentials and authentication requests to sign in to enterprise cloud applications via Single Sign-On (SSO).

Below is an example enable SAML for your domain using the Okta provider.


Configure Okta Single Sign-On Integration with SAML

Log in to your Okta account and navigate to the Admin dashboard.


The Dashboard is displayed. In the top left section, click developer console and select classic UI.


In the Shortcuts menu, click Add Applications. The Add Application window is displayed, click Create New App.


The Create a New Application Integration dialog is displayed. In the Sign on method field, select SAML 2.0 and click Create.


The Create SAML Integration window is displayed and opens at the General Settings tab. In the App name field, enter a name, and click Next.


The Configure SAML tab is displayed.

  1. Enter single sign-on URL, e.g https://example.com/acs
  2. Enter Audience URI (SP Entity ID), e.g https://example.com/metadata
  3. In attribute statement, enter name ‘user.email‘ with value ‘user.email‘.
  4. Click Next.

The Feedback tab is displayed. in the Are you a customer or partner? select “I’m an Okta customer adding an internal app” and click Finish and ensure that you assign your users.


Navigate to the Applications window and click Assignments if you want to assign either a User or Groups. Click Assign, then you can select Assign to People or Assign to Groups.


Click the Sign On tab, the Sign On tab is displayed. Click View Setup Instructions.


You can use ‘identity provider single sign-on URL‘, ‘identity provider issuer‘ and ‘X.509 Certificate‘ to configure on saml.properties


Please save some values ​​from Okta like Assertion, Assertion Consumer Service (ACS), Attribute, Audience Restriction, Default Relay State, Endpoint, Entity ID, Identity Provider (IdP), Metadata, NameID, Service Provider (SP) and Single Sign On URL in one property file. To view detail information about values, please refer to document https://support.okta.com/help/s/article/Common-SAML-Terms?language=en_US


Setting It Up

After configure Okta, to set up the LDAP connection, sign in as administrator and go to Administration menu → System SettingsUser Configuration.


Enable LDAP by selecting ‘saml‘ option, and configure the SAML Identifier field and the User identifier field. The saml identifier field is the attribute statement used in third-party SAML integration, while the user identifier field is the attribute statement that is used on 3Dolphins application.

For example, in 3Dolphins application, to login with SSO you use your username (email address) to verify your identity. This attribute statement used in okta is known as “user.email” but in the 3Dolphins application the attribute statement is known as “Email”.

If it’s already enable, you can click the ‘Save’ button to save the user configuration.


Sign-In With SSO

Open the Web Browser on the computer. For the use of web browsers it is better to use Google Chrome and Mozilla Firefox. Enter the URL address (server) in the web browser and click the ‘Sign In with SSO‘ button.


You will be asked to enter a username. If it’s already entered, you can click the ‘Sign In With SSO‘ button.


Then, you will see the login page, enter your username and password and click the ‘Sign In‘ button.


If login is successfully, you will see a dashboard page, such as images below.

Lightweight Directory Access Protocol (LDAP) Authentication

Currently, 3Dolphins has supported to configure multiple LDAP. So, you can add an LDAP configuration for each group that is registered in 3Dolphins.


Setting It Up

In order, to set up the LDAP connection, sign in as administrator and go to Administration → System Settings → User Configuration → Enable LDAP → select ‘Native‘ option.


Add LDAP configuration parameter. If it’s already enable, you can click the ‘Save‘ button to save the user configuration.


Field component explanation :

ParameterDescription
User GroupSelect user group of LDAP authentication.
LDAP URLURL to configure the connection to the directory server.
Base DNThe LDAP Distinguished Name for your Active Directory with default value (e.g. dc=example,dc=com).

Example URLs : http://docs.3dolphins.ai/documentation 
Base DN from above URLs is ‘documentation‘.
Based SearchThis field sets where in the schema the query should start searching.
Manager DNFor set the LDAP DN Manager.
Manager PasswordThe password for the username specified in the LDAP username field.
ldap identifier fieldFor setting LDAP Identifiers.
ldap user identifier fieldFor managing User Identifiers.

Sign-In with LDAP

For example, when LDAP authentication is enabled and the user login to the 3Dolphins application, the user will be asked to enter a username, password and must also choose a group. Then the system will authenticate, if the user is registered and appropriate, the user will be directed to the user’s dashboard page, but if the user fails to authenticate, you will see an error notification.

  • Open the Web Browser on the computer. For the use of web browsers it is better to use Google Chrome and Mozilla Firefox.
  • Enter the URL address in the web browser.
  • In the login page of 3Dolphins SRM system, you can login as an ‘Administrator’ / ‘Supervisor’ / ‘Agent’ / ‘Quality Assurance’ / ‘Trainer’
  • Type your Username (your email address) and Password‘ in the column provided.
    Note : Password is a combination of capital letters, lowercase letters, numbers, and symbols ,
  • Select group and click the ‘Sign In‘ button.

  • Then the system will authenticate, if the user is registered and appropriate, the user will be directed to the user’s dashboard page.

  • But, if the user fails to authenticate, you will see an error notification.
Was this article helpful?
Dislike 0