Single Sign-On
Single Sign-On allows users to log into MetaDefender Vault without requiring them to enter Active Directory credentials or create a local account. Enabling single sign-on is available for Identity Providers (IdP) that suppport the OpenID Connect protocol.
For a step by step tutorial, please see how to:
In order to set up single sign-on, please go to Settings → Single Sign-On
Name | Description |
---|---|
Enable SSO | Turn SSO integration on / off |
Ignore TLS Certificate | Accept requests from the IdP even if the certificate is not fully trusted |
Load User Profile | Attempt to retrieve user claims by calling the /userinfo endpoint |
Provider Name | A friendly name that identifies the IdP in Vault |
Authority | The URL of the IdP |
IP Address Or Domain | The IP or domain of the Vault instance that will be used to construct the Redirect URL |
Redirect URI | The generated URL where the user would be redirected by the IdP after the authentication |
Client ID | A unique identifier assigned by the identity provider to registered clients |
Client Secret | A randomly generated sequence issued by the identity provider and used in client authorization |
Administrator Emails | A list of emails that will be used to assign administrative privileges for users with matching emails; these users would be assigned the ‘Administrator’ role in Vault |
Integration Scopes (Optional) | A list of optional scopes to be used when making the request to the IdP |
Additional endpoints (Optional) | Specifies a list of additional base addresses that should be allowed for endpoints |
Was this page helpful?