0.2. Login

Logging into SocrateCloud is the process of identifying an individual, based on a username and password or by using an account with an active Google Apps subscription. Below is a description of the login process:

Username and Password Login

To start using SocrateCloud, type the application URL into the address bar of your browser:

https://my.socratecloud.eu/soweb

The Login window will appear:

• Email - mandatory field, enter your email address here;

• Password - mandatory field, enter your password here;

• Language - mandatory, select the user interface language.

After filling in all mandatory fields click

Ok or press Enter to continue.

Starting with v17.06 if the number of users is exceeded the following actions will occur:

• The access of simple users will be blocked until the application administrator will take action(enables a larger number or users or disables some old ones);

• The administrator will have access in the system but he will receive an error message in the "Problem report" window.

By pressing "I lost my password", the system will send an email to the specified email address. The email contains link which, if pressed, will reset the password for the respective user.

• If the email address was selected for multiple users on different tenants, all the users passwords will be reset.

• for on premise implementations, the I lost my password functionality is available only if the following compnents have been activated: CAPI and CSEC;

A second login window may appear if the Select role checkbox has been checked:

• Role - mandatory field, select a role assigned to your user (this controls your permissions within the application);

• Tenant - mandatory field, select a tenant defined within the application. f the e-mail address is used by multiple tenants, then the user must select the Tenant he wants to log on with;

• Organization - mandatory field, select the default organization;

  • only organizations where the selected role has Read Write acces will be available. If the role does not have Read Write acces to any organizations, * organizations will be available for selection. Details in Roles;

• Warehouse - select the default warehouse;

• Printer - select one of the printers defined within the system for printing documents and reports.

When done with the selections, click

Ok or press Enter to login to SocrateCloud.

If there are system access restrictions only from certain IP addresses, then access will be blocked if someone tries to connect from another IP. The system will indicate this with a message with the IP from witch the connection is being attempted. Please contact your application/system administrator to determine whether or not you have access from this IP. (valid functionality from v17.11).

Wrong Password Block

If you enter a wrong password three times in a row, the user will be blocked for a limited time(usually 24 hours) and the following error message will be prompted to the user:

Only administrator users can unblock other users, by accessing the Tools Menu in the top right corner of the screen. Click Tools and then select Blocked Users.

The Blocked Users window will open which contains a list of all the users that entered their password incorrectly within the last 24h. To unblock a user press the Reset button next to it.

Google Authentication

To connect using a Google account press the Sign in with Google button located on the Login window in SocrateCloud. When first trying to log in, Google will ask you for permissions and you may have to enter your Google email account and password. If the Google authentication is successful you will automatically log into SocrateCloud (only if the Google email address has a corresponding SocrateCloud user with a valid role).

Starting with v15.04 due to changes imposed by Google (https://developers.google.com/accounts/docs/OpenIDConnect), Google authentication requires a system setup before it can be used:

This setup will be done at "system" level by a user with access to this level! The settings will apply to all the tenants in the system and will be available to all users with Google email accounts.

1. access the "Google Developers Console" - this is done by the user authorised to do the setup - https://console.developers.google.com/project

   1. • press the "Create Project" button and enter an appropriate name in the "Project name" field (e.g. "SocrateCloud - Log in), after which you can press "Create".

• • the Google Developers Console will display the new project. In the left side vertical menu, go to APIs & auth -> Credentials and press the "Create new Client ID" button.

  • the "Create Client ID" window will appear. Select "Web application" and press "Configure consent screen"

• • the "Consent Screen" window will appear where you have to fill in the following fields:

    • Email address - email address for the user doing the setup;

    • Product name - an appropriate name for the product (ex: "SocrateCloud"), by which the users will identify the application asking for permissions;

    • Homepage URL - the SocrateCloud application url - the address used to access SocrateCloud through a web browser;

      • on the right side of the screen a user consent screen example will be shown. This will be displayed to all users when they first use Google Authentication and will notify them of the permissions granted to SocrateCloud regarding their email account.

    • The remaining fields are optional. Press "Save" to continue;

• • the "Create client ID" window will reappear where you have to fill in the following fields:

    • "Authorized JavaScript origins" - the SocrateCloud application url

    • "Authorized redirect URIs" - the SocrateCloud application url followed by "/soweb/openid?is_return=true";

    • press "Create Client ID" to continue.

• • the Google Developers Console will now display information required for the SocrateCloud application setup:

    • "Client ID";

    • "Client secret";

    • keep this window open and open the SocrateCloud application (in a separate browser tab):

• 1. Access the SocrateCloud application at at "system" level!

     • open the Tenant window and access the Tenant Info tab;

     • fill in the following fields:

     • "Client ID" - copy the text from the "Client ID" field in the Google Developers Console;

     • "Client secret" - copy the text from the "Client secret" field in the Google Developers Console.

• • save the record;

• • do a "Reset client + server cache".

After going through the steps described above, log out from SocrateCloud with the system user and from the Google Developers Console. The setup will now be complete and any user from any tenant in the system will be able to access the application using a Google email account.