Not only does setting up SSO make the login experience much simpler for your employees by reducing the number of passwords they need to remember, it also hands your organization ultimate control over who gets authenticated into the application.
Implementing SAML is the first step to make this possible by enabling a secure communication between Da Vinci and your authentication systems.
What we need for SAML setup
- Sign-in URL (https://example.com/login)
- Email domain (e.g. company-name.com)
- X509 Signing Certificate
- We require
emailas an attribute in the SAML request, this can be done in two ways:- The user email is placed in the
user_idattribute - An explicit attribute for the user email
- The user email is placed in the
Any additional attributes will be ignored.
Optional
- The Sign-Out URL (https://example.com/logout)
For optional added security, we are able to provide a public signing key upon request.
Your identity provider may require the following to generate the values above:
- Entity ID -
urn:auth0:coherentpath-prod:saml-``<account_name> - Location/Single Sign-On URL -
https://auth.coherentpath.com/login/callback?connection=saml-``<account_name>