Skip to main content

Search

Knowledge Center

Test Environment Access for SSO Agencies

Purpose Statement

This article outlines the available methods for clients using Single Sign-On (SSO) to access their test environments. It ensures agencies can validate configurations, test workflows, and train personnel without disrupting live operations.

Background Information

SSO-enabled accounts rely on external identity providers, which are typically not configured for non-production (test) environments by default. Because test environments are refreshed regularly (often monthly clones of the live system), access must be provisioned through alternative methods. These options provide flexibility depending on the agency’s IT capabilities and desired level of automation.

Required Permissions

  • Admin-level access is required for any user managing access in the test environment
  • Ability to create and manage users within the platform
  • (Optional for Option 3) Access to configure the agency’s SSO identity provider (IdP)

Step-by-Step Guide

Option 1: Request Local Login via Support (Monthly Request)

  1. Submit a support ticket under the System/Platform category.
  2. Request a Local Login account for the test environment.
  3. Support will:
    • Create a local user with admin permissions
    • Create a Password
    • Provide login credentials securely (you cannot use "send email")
  4. Log into the test environment using the provided credentials.
  5. (Optional) Create additional local users as needed:
    • Navigate to Admin > User Management
    • Add users with local authentication

Option 2: Create a Persistent Local Login in Live Environment

  1. In the live environment, navigate to Admin > User Management.
  2. Create a new user with:
    • Local authentication (username/password)
    • Admin permissions
  3. Save the user.
  4. During the next test environment refresh (monthly clone), this user will automatically be included.
  5. Use this account to access the test environment without needing a support request.

Option 3: Configure SSO for Test Environments

  1. Work with your IT team to update your SSO Identity Provider (IdP).
  2. Add the test environment as a recognized application/service.
  3. Configure:
    • Metadata (ACS URL, Entity ID, etc.)
    • User attribute mappings
  4. Assign users or groups access to the test environment within the IdP.
  5. Test login via SSO to confirm successful authentication.

Best Practices

  • Maintain at least one persistent local admin account (Option 2) to avoid delays.
  • Limit distribution of shared credentials; create individual accounts when possible.
  • Coordinate with IT before choosing Option 3, as SSO setup may require additional security review.
  • Document which method your agency uses to ensure continuity across staff.

Troubleshooting & FAQs

Q: Why can’t I log into the test environment with SSO?
A: SSO is not enabled by default in test environments unless explicitly configured (Option 3).

Q: My local login stopped working—why?
A: Test environments are refreshed monthly. If the account was created only in test (Option 1), it will not persist.

Q: What’s the fastest way to regain access?
A: Submit a support ticket (Option 1) or use a pre-created persistent account (Option 2).

Q: Who should have admin access in test environments?
A: At least one trusted administrator responsible for managing users and testing configurations.