Single sign-on for FlippingBook Online
In this article, we cover the following topics:
- How SSO works and how it applies to FlippingBook
- I manage our company’s SSO and want to set it up
- We recently enabled SSO. How do I log in now to my FlippingBook account?
- I need to make changes to our users
SSO in general
FlippingBook Online supports Single Sign-On (SSO) for two different purposes:
- Allowing access to flipbook(s) to a group of users in your SSO system and denying it to everyone else.
- Allowing access to your FlippingBook Online account to a group of users in your SSO system and denying it to everyone else.
Both options are only available in FlippingBook Online Enterprise.
SSO is an authentication mechanism that allows a user to log in to different apps with a single set of credentials. You don’t have to keep track of dozens of logins and passwords.
Here's how it works:
- First, you set up users in a central SSO management system, called the Identity Provider. Popular systems include Okta and Microsoft Entra.
- You connect this system with other apps that support SSO, like FlippingBook Online.
- Then, in your SSO management system, you specify which user has access to which apps.
Now, your users only need to log in to your SSO system. When they start another app, like FlippingBook Online, we check with the Identity Provider if the user is already logged in and is allowed to use FlippingBook Online. If so, they automatically are granted access. There is no need to log in.
This is not only convenient for your users. It also significantly increases security. For example:
- Users can no longer use weak passwords.
- Users won't need to write down their passwords.
- Users can't pass their credentials to colleagues who should not have access.
- When someone leaves your organization, deleting their account immediately removes access to all systems they had access to.
- If you enable Multi-Factor Authentication in your SSO management system, then all your apps will benefit from that.
Can I use SSO to log in to my FlippingBook Online Account?
Yes, but this is only available to clients with an Enterprise plan. This way you be sure only authenticated users can access your FlippingBook Online account to create, manage, or delete flipbooks.
Can I use SSO to restrict access to flipbooks to authenticated users?
Yes, all clients with FlippingBook Online Enterprise can use SSO to restrict access to their publications. We have articles that explain how it works and how to use it when set up.
How to integrate FlippingBook Online with my Identity provider?
To set up SSO (either for account access or flipbook access) you create a new application in your SSO Identity provider. We have instructions available for:
- Setting up SSO with Okta
- Setting up SSO with Microsoft Entra (formerly Azure AD)
- Setting up SSO with OneLogin
FlippingBook SSO is based on SAML, so you should be able to connect to any SAML-based Identity provider. Since there are hundreds of providers, we only provide instructions for some of the more popular services: Okta, Microsoft Entra, and OneLogin. You should however be able to establish a connection between your own SAML Identity provider and FlippingBook Online with the data that our support team provides to you and using the documentation of your SSO provider.
We have set SSO for account access, how to log in to my FlippingBook Online account?
There are different ways to log in. It depends on how your SSO administrator set it up:
- If you use an application portal in your SSO solution, they probably added a shortcut there. You can simply use that.
- You can still go to our website https://flippingbook.com/account/online and click ‘Log in via SSO’ at the bottom of the login screen.
Then enter your email address or the name of your SSO domain that we set up. Typically, that’s your company name (with the first letter capitalized). We immediately check your credentials with your SSO provider.- If you have already authenticated, you will immediately be taken to your FlippingBook Online account.
- If you are not authenticated, we take you to the authentication page of your SSO provider. After you authenticated there, you are transferred back to FlippingBook Online.
- Finally, we send out an email to all new users with a link to go directly to their account which they can bookmark. This link is also available to the account owner in the Team section of the account. Click on View details, and copy the link from the pop-up.
Note that after we enable SSO, it is no longer possible to log in with a username and password!
User management after setup
Adding users after initial setup
You can simply add new users to your SSO management system, and assign them to your FlippingBook Online group. When such users try to open the FlippingBook Online App, we will automatically create a subuser account for them on our end.
Optionally, the account owner of your FlippingBook Online license can invite the new user. This will send an email to the new user with the direct login link.
Removing user access
If you removed/revoked access for a user in your SSO system, then they will no longer have access to FlippingBook Online. The user account on our end will keep existing and the private flipbooks that this user owned will keep working. Other than that, the account is inaccessible. The FlippingBook Online account owner will have to delete it manually and decide what to do with the flipbooks: either delete them as well or move the flipbooks to a subfolder in their own account.
A new user replacing another user
Suppose a user leaves your team, and the flipbooks that this user made will be managed by a new user. You make the changes in your SSO management system, but that leaves the new user with a clean, empty account. There are two ways to transfer the flipbooks:
Without our assistance
- The FlippingBook account owner deletes the subuser, and when deleting, selects the option to move flipbooks to their own account (this will create a private folder for them with the old username).
- The FlippingBook account owner turns the folder with books from the deleted user into a Shared folder.
- The new user logs in and moves all the books from the Shared folder to their Home folder.
- Either user deletes the (now empty) folder from the old user.
With our help
the account owner can simply ask us to change the login email after you updated the access rights in your SSO management tool. The benefit is that this will retain the folder structure that the original user had created.