Home
Vantage
Administrator Guide
Information about the Administration section of Vantage, and the tasks that you can do in this part of the software.
SAML integration
SAML integration configuration
It is important to understand how Vantage uses security assertion markup language (SAML) single sign-on (SSO) for authentication.

Vantage
- Introduction
  An overview of Vantage.
- Administrator Guide
  Information about the Administration section of Vantage, and the tasks that you can do in this part of the software.
  - Administration
  - Migration
  - SAML integration
    - SAML integration configuration
      It is important to understand how Vantage uses security assertion markup language (SAML) single sign-on (SSO) for authentication.
    - IdP configuration for SAML integration
      It is important to understand the different parameters that are needed to configure your identity provider (IdP) for security assertion markup language (SAML) integration in Vantage.
    - Configure your IdP for SAML integration
      Before you configure Vantage's settings for single sign-on (SSO), you need to define a new application in your identity provider (IdP).
    - Configure Vantage for SSO
      Before you can use single sign-on authentication in Vantage, you must configure Vantage.
    - Troubleshooting SAML integration
      Methods that you can use to test that the security assertion markup language (SAML) integration has been successful.
    - Configure a Google Workspace SAML application
      You can integrate Google Workspace with Vantage to provide single sign-on (SSO) services. You should also refer to the Google Workspace documentation for more details on their solution. This topic describes Vantage-specific configuration details when using Google Workspace as your identity provider (IdP).
    - Configure an Okta enterprise application
      You can integrate Okta with Vantage. To do this you must create an enterprise application in Okta and assign users to it.
    - Configure an Azure Active Directory enterprise application
      You can integrate Azure Active Directory with Vantage. To do this you must create an enterprise application in Azure Active Directory and assign users to it.
- User Guide
  Information about the main features of Vantage and the tasks that you can do from the user interface (UI).
- Print format documentation
  A list of all the print-format documentation that is available for Vantage.

SAML integration configuration

It is important to understand how Vantage uses security assertion markup language (SAML) single sign-on (SSO) for authentication.

General

Vantage supports security assertion markup language (SAML) single sign-on (SSO) authentication. Our integration requires your identity provider (IdP) to be compatible with SAML 2.0. To authenticate, Vantage requires the user's:

Email address
Entity ID attributes

The SAML configuration process is often error prone. This section assumes that you’re familiar with:

The SAML protocol
Your IdP software
The exact details of your specific IdP implementation

You will need to configure:

Group creation

Before authentication can work correctly, you will need to have a Vantage group that matches your IdP's roles.

You can use the roles SAML ID or SAML name as defined in your IdP.

When you create a group in Vantage, enter the SAML ID or SAML name of the corresponding IdP role. If a Vantage group isn't mapped to an IdP role, authentication will fail for users assigned that role.

When a user logs into Vantage and authenticates, if the Vantage group doesn't include that user, Vantage will automatically add the user to the group.

For more details, see Group membership.