Skip to main content

Reveal Review Publication

Single Sign On Service Integration for RelativityOne Release 12.3

February 2, 2022

Due to changes in RelativityOne Release 12.3 (Sundrop), the Single Sign On (SSO) integration requirements in Reveal AI have changed. In order to configure Relativity® SSO as an OpenID Connector provider, there are several new (or updated) settings in Reveal AI’s Tenant Setup area. They are required for Relativity® 12.3+ (RelativityOne) and optional for Relativity® 10.3+.

The new settings are in a section called Relativity® SSO service configuration. You may enable Single Sign On, and if applicable, enable Automatic User Provision. Single Sign On can function without Automatic User Provision, in which case an Admin would need to create user in Reveal AI.

To configure SSO for Relativity®, select the applicable tenant first. Navigate to the new section (Relativity® SSO). You need to provide

  • Relativity® URL - the SSO Service configuration’s “Relativity® URL” should not end in Relativity®. We assume and append “/Relativity®” to the provided URL.

  • Client ID – may be created directly by on-prem clients; must be requested from Relativity® for RelativityOne (see request template Appendix).

  • Client Secret - may be created directly by on-prem clients; must be requested from Relativity® for RelativityOne (see request template Appendix).

Consult your Relativity® documentation on how to obtain these values. All of the three values are required. Once you Save these values, test your settings by navigating to your main RelativityOne destination and launch Reveal AI. The Relativity® Single Sign On experience should take over the login process.

image1.png

Because the old “Story Engine Home” tab no longer works, an admin needs to create a new tab in Relativity® in each Relativity® Workspace that is connected to Reveal AI to replace it. To do this:

  1. In Relativity®, create a new Tab (under Workspace Admin > Tabs)

    1. Link Type = External

    2. Link = https://[host]/StoryEngineWeb/login?UseRelativitySSO=true&WorkspaceArtifactId=[Relativity® Workspace Artifact ID]&SecurityKey=[Reveal AI Storybook Security Key]

      1. [Relativity® Workspace Artifact ID] = the Artifact ID of the Relativity® Workspace

      2. [Reveal AI Storybook Security Key] = one of the two security keys available on every Reveal AI Storybook

      Example illustration from Relativity® 10.3:

    Relativity_Tab_Creation.png
Appendix

Relativity® Client ID and Client Secret Request Template

Dear RelativityOne support,

I would like to use RelativityOne as our SSO provider for Reveal AI (formerly known as NexLP Story Engine) in an OpenId Connect workflow.  Could you create us a record under Authentication > OAuth2 Client and provide the data for Client Id and Client Secret?

Name: [Whatever Relativity® Support would like to use]

OAuth flow: Code

Redirect URL: [Reveal AI callback URL]

Note

That is all lower case. Please be careful copying and pasting.

Access Token Lifetime (in minutes): 3

Comments:

  1. The Redirect URL should be created by taking the Reveal AI URL and appending “/other/sso/callback”. Here is an example:

    https://revealai.myhost.com/storyengineweb/other/sso/callback

    Important

    This must match exactly, be in lower case, and must use https. Reveal AI will convert the URL to lower case before sending.

  2. For Relativity® 10.3, here’s an example of a created record:

    image2.png

You may download a PDF version of this document here.