8.9 Single Sign-On
Single Sign-On allows users to log into MetaDefender Vault without requiring them to enter Active Directory credentials or create a local account. Single sign-on can be enabled for Identity Providers (IdPs) that support the OpenID Connect protocol.
For a step by step tutorial, please see how to:
To set up single sign-on, please go to Settings → Single Sign-O
| Name | Description |
| --- | --- |
| Enable SSO | Turn SSO integration on / off |
| Ignore TLS Certificate | Accept requests from the IdP even if the certificate is not fully trusted. |
| Load User Profile | Attempt to retrieve user claims by calling the /userinfo endpoint |
| Provider Name | A friendly name that identifies the IdP in Vault |
| Authority | The URL of the IdP |
| IP Address Or Domain | The IP or domain of the Vault instance that will be used to construct the Redirect URL |
| Redirect URI | The generated URL to which the IdP redirects the user after authentication |
| Client ID | A unique identifier assigned by the identity provider to registered clients |
| Client Secret | A randomly generated sequence issued by the identity provider and used in client authorization |
| Administrator Emails | A list of emails used to assign administrative privileges; users with matching emails are assigned the ‘Administrator’ role in Vault |
| Integration Scopes (Optional) | A list of optional scopes to be used when making the request to the IdP |
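
The settings above can be reviewed against the IdP's OpenID Connect discovery document before they are saved. The following is an added example, not part of the MetaDefender Vault documentation or product. It assumes the IdP publishes a discovery document; the key names in `PLANNED` are hypothetical labels for the table's fields and all sample values are constructed.

```python
import json
from urllib.parse import urlparse

# Constructed sample of planned settings. Key names are hypothetical labels for
# the fields in the table above, not Vault's own configuration keys.
PLANNED = {
    "authority": "https://idp.example.com/realms/corp",
    "ignore_tls_certificate": True,
    "load_user_profile": True,
    "administrator_emails": ["alice@example.com", "Alice@example.com "],
    "integration_scopes": ["profile", "groups"],
}

# Constructed sample of the IdP's OpenID Connect discovery document.
DISCOVERY = json.loads("""{
  "issuer": "https://idp.example.com/realms/corp/",
  "authorization_endpoint": "https://idp.example.com/realms/corp/auth",
  "scopes_supported": ["openid", "profile", "email"]
}""")

def review_sso_settings(cfg, disco):
    """Return findings for the planned settings; an empty list means none."""
    findings = []
    if urlparse(cfg["authority"]).scheme != "https":
        findings.append("authority-not-https")
    if cfg["ignore_tls_certificate"]:
        # The IdP's certificate is not verified, so its identity is not proven.
        findings.append("tls-validation-disabled")
    if disco.get("issuer") != cfg["authority"]:
        # OIDC Discovery requires the issuer to equal the URL it was fetched under.
        findings.append("issuer-mismatch")
    if cfg["load_user_profile"] and "userinfo_endpoint" not in disco:
        findings.append("userinfo-endpoint-missing")
    supported = set(disco.get("scopes_supported", []))
    for scope in cfg["integration_scopes"]:
        if supported and scope not in supported:
            findings.append(f"scope-not-advertised:{scope}")
    seen = set()
    for email in cfg["administrator_emails"]:
        key = email.strip().lower()  # compare entries ignoring case and padding
        if key in seen:
            findings.append(f"admin-email-duplicate:{key}")
        seen.add(key)
    return findings

if __name__ == "__main__":
    for finding in review_sso_settings(PLANNED, DISCOVERY):
        print(finding)
```

Because every address in Administrator Emails grants the ‘Administrator’ role, the duplicate check is a prompt to review that list by hand; how Vault itself compares addresses is not stated on this page.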