Single Sign-On
Single Sign-On allows users to log into MetaDefender Vault without requiring them to enter Active Directory credentials or create a local account. Enabling single sign-on is available for Identity Providers (IdP) that suppport the OpenID Connect protocol.
For a step by step tutorial, please see how to:
In order to set up single sign-on, please go to Settings → Single Sign-On
| Name | Description |
|---|---|
| Enable SSO | Turn SSO integration on / off |
| Ignore TLS Certificate | Accept requests from the IdP even if the certificate is not fully trusted |
| Load User Profile | Attempt to retrieve user claims by calling the /userinfo endpoint |
| Provider Name | A friendly name that identifies the IdP in Vault |
| Authority | The URL of the IdP |
| IP Address Or Domain | The IP or domain of the Vault instance that will be used to construct the Redirect URL |
| Redirect URI | The generated URL where the user would be redirected by the IdP after the authentication |
| Client ID | A unique identifier assigned by the identity provider to registered clients |
| Client Secret | A randomly generated sequence issued by the identity provider and used in client authorization |
| Administrator Emails | A list of emails that will be used to assign administrative privileges for users with matching emails; these users would be assigned the ‘Administrator’ role in Vault |
| Integration Scopes (Optional) | A list of optional scopes to be used when making the request to the IdP |
| Additional endpoints (Optional) | Specifies a list of additional base addresses that should be allowed for endpoints |
Was this page helpful?