To set up SSO access to MyValidity, you will need to generate a metadata file from your SAML identity provider (IdP) and update MyValidity with your connection data.
Configurations that conform to the SAML 1.1 or SAML 2.0 protocol are supported.
Note: MyValidity does not support IdP-initiated login.
Enable SAML SSO at your IdP and generate metadata XML file
Your IdP may have a protocol for enabling SAML before a connection can be created. Work with your IdP to enable SAML if needed.
You'll also need to generate an XML metadata file from the IdP to create your connection. Your IdP may generate this file automatically for you, or you may be asked by your IdP to generate the file using a SAML template app.
In some cases, your IdP will ask for an Assertion Customer Service (ACS) URL and an Entity ID. In this case, please use these values:
-
Entity ID: urn:auth0:validity-prod:CONNECTIONNAME
Note: Enter the value for your connection name used in Step 2 below, including the appended Account ID, for CONNECTIONNAME. Do not use the phrase "CONNECTIONNAME" as is.
Set up MyValidity SAML connection
-
Sign into MyValidity and select SAML Setup from the dropdown menu under your username and organization.
-
Under Connection Name, enter a name for your SAML connection. This name cannot be changed, and it must be a single word (no spaces). MyValidity will append your Account ID to this value to ensure a unique connection name.
-
Under Email Domain, enter the domain used to access your IdP, such as mycompany.com. Do not include the @ sign.
-
Under SAML Configuration File, choose the .xml file created at the beginning of this process.
-
Under Field Mappings, map any custom attributes that don't align exactly to the attributes listed.
-
For example, if your email address field is "useremail" instead of just "email," map that under Email Address.
-
Your IdP may have specific instructions for field mappings.
-
-
If you would like MyValidity users to be automatically created on a user’s first login attempt, select the Provision User checkbox. Learn more about creating MyValidity users with SAML SSO enabled.
-
Select Submit.
SAML SSO is now configured in your IdP and MyValidity. Use your IdP service to sign into your MyValidity account and your Validity applications.