Support Central
Some organizations’ staff can access Aconex through their internal company networks, using their company credentials (SSO).
This service is currently on restricted release and is not available to all clients.
The high compliance instance of Aconex allows you to log in to Aconex on two different devices or browsers at the same time. In technical terms this is known as having two separate login sessions at the same time. Learn more
This article covers:
Some organizations have arranged with Aconex to use Single Sign On (SSO) technology, which lets staff access Aconex using the same credentials they use to log into their company intranet or other networks.
What this means is that those companies’ employees don’t need to remember a separate Aconex login: when a person logs into the company network, they will be logged into Aconex automatically.
Only organizations who have purchased this feature can use it. To find out if your organization’s subscribed, contact your Organization Administrator.
Aconex users in organizations that have had this feature enabled use their company network login details to access Aconex.
These are usually the credentials you use to get access to your work email, intranet, or shared corporate systems.
If you’ve been directed to access Aconex via your company network, and your login details don’t work, contact your Organization Administrator.
As part of the setup process, you’ll be asked to enter your existing Aconex username and password. If you can’t remember those details, reset them instantly online.
Once you’re set up, Aconex will no longer request a password from you. Instead, you’ll always be redirected to your company login page to gain access to Aconex.
No. SSO authentication is granted as part of a role within Oracle Aconex and can be controlled individually for each user.
Yes. Aconex Global Login allows multiple Aconex user accounts across multiple organizations and instances to be accessed with a single username and password.
If these Aconex users are linked to Global Login first and then SSO enabled for those user accounts, the user will able to access all these user accounts with a single set of SSO credentials.
Can I manage users in my own IAM and have these changes populate to Oracle Aconex using SCIM or similar?
No. Oracle Aconex SSO is a service for authentication only. User administration takes place within the Oracle Aconex application.
Is unsolicited web SSO (IDP initiated SSO) supported?
No. Oracle Aconex supports Service Provider Initiated SSO only.
Can Oracle Aconex SSO be used with Azure Active Directory?
Yes, Oracle Aconex supports SAML 2 integration with Azure AD using our SSO product. Note, only the service-provider initiated implementation of SSO is supported. The claim type should be NameId.
How should the attribute contract be configured?
Oracle Aconex only requires the authenticated user's identity (email address, uid, etc) to be returned in the SAML subject. We do not need any additional claims or assertions.
Can I use multiple identity providers in my organization?
No. One organization’s users can only be mapped to a single IdP
Does this service require ongoing maintenance effort by the customer?
Yes. From time to time changes may be needed to the configuration to maintain the service and update certificates as required.
Can I authenticate for API calls with SSO?
Yes. An integration can use OAuth with SSO to access the Aconex external APIs as a user that is authenticated through SSO.
