SAML integration configuration
It is important to understand how Vantage uses security assertion markup language (SAML) single sign-on (SSO) for authentication.
General
- Email address
- Entity ID attributes
Group creation
Before authentication can work correctly, you will need to have a Vantage group that matches your IdP's roles.
You can use the roles SAML ID or SAML name as defined in your IdP.
When you create a group in Vantage, enter the SAML ID or SAML name of the corresponding IdP role. If a Vantage group isn't mapped to an IdP role, authentication will fail for users assigned that role.
When a user logs into Vantage and authenticates, if the Vantage group doesn't include that user, Vantage will automatically add the user to the group.
For more details, see Group membership.