Skip to main content

Sign In to the FHR Merchandising Studio Using SSO

Documentation Team
  • Updated

    Introduction

    The Fredhopper Merchandising Studio uses Keycloak, an identity management tool, to enable secure and seamless Single Sign-On (SSO). This means you can log in using your company’s existing credentials and manage which users can access your FAS services using Microsoft Entra ID as an Identity Provider (IdP).

    Note: You can find more information on how to set up Keycloak and configure your IdP in Keycloak here.

    When using SSO to sign in to Merchandising Studio, note that:

    • Previously used local credentials can no longer be used to access the Merchandising Studio.
    • Former local users are switched to a default role upon enabling SSO. Roles have to be re-allocated by the Admin.
    • Adding and removing users from Merchandising Studio is no longer possible.
    • Users will be no longer prompted for basic authentication when accessing Merchandising Studio, Merchandising studio preview, and Insights. For all other endpoints, such as the /fredhopper/query path, the basic authentication remains mandatory as it assumes non-human access only.

    Instructions

    To access the Fredhopper Merchandising Studio using SSO:

    • Use only your customer-specific endpoint to access the Merchandising Studio, e.g. https://your-customer-endpoint-config-test1.fas.global.fredhopperservices.com/preview .
      → You will be redirected to your login page. 

      signinscreen.png

    • Click on the IdP you would like to log in with, e.g. Microsoft.
      → The chosen IdP's login page will open, e.g. Miscrosoft Entra ID.

      MSsignin.png
    • Insert your credentials. Depending on the chosen IdP, you might be asked to authenticate with the Authenticator app.
    • After a successful log in, you are redirected to the FAS preview page.

    • To access the Merchandising Studio, click the Merchandising Studio-Button. 

      preview_msbutton.png

      → You will be redirected to the Merchandising Studio without the need to authenticate again. 

    Note: Your role in FAS is determined by the groups your email address is assigned to in the IdP. 

    Note: If your organization uses multiple environments, user sessions are not shared across them even when SSO is enabled in all environments. Users must sign in again when switching to a different environment.

    Related articles

    Comments

    0 comments

    Please sign in to leave a comment.