Base informations about SSO domain are here.
But, in module extras, you can activate extend for more user's logins.
For it need:
First step is setting in configuration:
Enable idm.sec.extras.authentication-filter.extras-sso-authentication-filter.enabled=true
Choos owner type idm.sec.extras.authentication-filter.extras-sso-authentication-filter.chooseField set 'identity' or 'contract'
Disable idm.sec.core.authentication-filter.core-sso-authentication-filter.enabled=false
Set domain name to idm.sec.extras.authentication-filter.extras-sso-authentication-filter.uid-suffixes. Domain name must have prefix "@".
Set header name to idm.sec.extras.authentication-filter.extras-sso-authentication-filter.header-name=REMOTE_USER
Set definition's of code idm.sec.extras.authentication-filter.extras-sso-authentication-filter.definition-code
Create new definition if need.
Set whet fields will be use for authenticate. The parameter need set to idm.sec.extras.authentication-filter.extras-sso-authentication-filter.attribute-code
Next step is configurate form definitions:
Create new definition.
Create form attributes.
Final step will add logins:
for type entity.IdmIdentity go to users→user's detail→more information and write login(s) for auth.
for type entity.IdmIdentityContract go to users→user's detail→positions→positions's detail→more information and write login(s) for auth.
That's all.