...
To use SAML authentication, you will need SAML set up for your instance with an Identity Provider (IdP), such as Microsoft ADFS, OneLogin, Elastic SSO, or others. You can view a list of available SAML IdPs at Wikipedia's SAML based products page.
| Info | ||
|---|---|---|
| ||
Some identity providers (such as Workspace One) have additional public/private key authentication requirements in excess of what is required in ProVision. If you receive a SAML configuration error of "Unable to load private key" or similar, please check your IdP requirements and documentation. |
Users and Permissions:
User credentials will need to be created and associated with ProVision permission group names via the IdP. All user creation, management and permissions handling occurs via the IdP, externally from ProVision.
...
From the ProVision login page, select SAML from the authentication options dropdown - you do not need to enter Username or Password.
You will be redirected to the IdP site as set up in the Admin Configuration - here, we are using Microsoft ADFS (Active Directory Federation Services).
...
After the initial login via the IdP (as long as the auth token is present) users will be able to login to ProVision simply by selecting the "SAML" options from the ProVision login page without entering credentials.
The auth token may be destroyed or not available if browser cookies have been cleared, a different browser used, or the browser fully closed, depending on security settings. In these cases, the user will need to sign in again via the IdP.
...