Accessing Capillary

This article provides the different ways of accessing InTouch.

InTouch is deployed in different clusters. Before accessing InTouch, you need to know the cluster of your org and login credentials provided by Capillary.

The following are the links to different clusters of InTouch:

You can access InTouch in three different ways:

Using Capillary InTouch email Id and Password
Using Capillary's Official Google account credentials
Using SSO

Login with Capillary Credentials

Get Started with Capillary InTouch! InTouch is a cloud-based platform that contains the entire product modules, including Organization settings and Workbench. InTouch can be accessed by all authorized users and brands. There are several user roles on InTouch and access is managed at the page level. Not everyone will have write access or access to all modules. Super Admins will provide access to users based on their role and scope.

Enter the credentials provided by Capillary in Email Id and Password then click on Sign in.

502

Login with Capillary Google account

You can now sign in to InTouch using your Capillary Google Workspace account.
That means:

  • No need to remember your Intouch password anymore
  • No more Intouch password reset every month
  • Convenience and security

Prerequisite

You should have a Capillary Google Workspace account (e-mail address with domain capillarytech.com)

Login with Google Credentials

  1. In a browser, open the URL of your cluster.
  1. Click on Sign in with Google as shown below.
685
  1. Enter the email ID your Capillary Google Workspace account and click Next.
  2. Enter your password and click Next.
696

You will see Intouch Workbench. If you have already signed in to your Capillary Google Workspace account, you will directly see the Workbech page.

1920

Login with SSO

Sign in with a single set of credentials used for multiple applications provided by third party like Microsoft ADFS, G Suite SAML. It allows brand users to login to Capillary Intouch using their Identity Provider (IdP).

Setup SSO with Okta
We have partnered with Okta for the integration. SSO setup requires configuring a connection for Capillary in Org’s IdP and setting up Org’s Identity in Okta Admin Console.

To set up SSO with Okta, follow these steps.

Step 1 - Set up a connection for Capillary in Org’s IdP

  1. Capillary PoC has to send an email to the Capillary access team with a request to set up SSO for the organization providing the following information.
  • Organization name and ID

  • Email domain of the organization. For example, the domain is org.com if the Email Id is [email protected]

  1. Capillary Access team will share the following information, which should be shared with the org PoC
  • Assertion Consumer Service (ACS) URL.

  • Service Provider (SP) Entity ID or Audience URL or Entity ID.

  • User profile attributes need to be passed as SAML assertion - email, first name, and last name. Email ID mandatory.

  • [Optional] Attribute that defines if the user has access to Capillary. For example, group, organization. This is required if the org wants to define which employees have access to Capillary.

  1. Org PoC will use the above information to create a connection for Capillary in their IdP and respond with the following information.
  • Identity Provider SSO URL.

  • Identity Provider Entity ID.

  • Identity Provider Certificate signature.

To know about the SAML terminologies, read How SAML works?

Step 2 - Setting up Identity Provider in Capillary

  1. Capillary or Org PoC will share the information provided in step 1.3 (above) with the Capillary Access team.

  2. Capillary Access team will add an Identity Provider in Okta Admin Console and respond with setup confirmation.

898

Step 3 - Provide Capillary application’s access to Org users

Use Data Import to add Org users to the Capillary application with the appropriate access level.

  • When you add users on InTouch, a verification email is sent along with the password setup link. The required change to disable the step is in progress and will be released soon. Until then, only Data Import to add Org users.

Step 4 - Authenticate with Single Sign-on

Once setup is completed, the org users can authenticate using SSO as explained in the following steps.

  1. On the new sign-in page, click Sign in with SSO.

  1. In Username, enter a valid email address and click Next.
    You are redirected to the Identity provider’s page to complete authentication.
598
  1. On the Identity Provider’s page, enter your registered email address, password, and click Sign in.
671

When the login is successful, you will see the InTouch home page.