Shared SSO between apps
When setting up SSO for a client's active directory, you normally need to provide them with an Entity ID from our platform in the form of `https://saml.crowdcomms.com/<unique identifier>`. That unique identifier is specific per app. What this means is that clients can only access 1 app per active directory, and they typically re-create and re-populate new active directories if they have multiple apps with us.
There is now capability to share an active directory among multiple apps:
- Let the client choose any entity ID as long as it starts with `https://saml.crowdcomms.com/` eg `https://saml.crowdcomms.com/dlt`
- Have them set that as our Entity ID in their active directory
- Fill that suffix in in the 'Entity ID Suffix Override' field in the App Settings in the CMS
We provide the choice because clients may decide they want multiple Active Directories that are shared for whatever reason. So we may have `dlt1`, `dlt2`, etc that are linked to multiple apps each