Configuration
You need to activate your organization before you proceed with custom IDP SSO setup.
SAML identity provider
On the Organization Settings page of the Dashboard you will find the main VGS service provider details needed to configure SAML identity providers such as Okta, Google, etc.
ACS URL - VGS service provider endpoint (URL) that is responsible for receiving and parsing a SAML assertion. Keep in mind that some identity providers use a different term for the ACS.
ENTITY ID - a globally unique name for the VGS Service Provider (SP).
LOGIN URL - you will use this URL to log in to the Dashboard with your identity provider.
METADATA URL - a set of information supplied by the IdP to our SP, and/or vice versa, in XML format. This needs to be provided to VGS.

If your identity provider does not provide a METADATA URL, contact our support at [email protected] and provide your IDP configuration details.
Integration
You can configure any identity provider that supports SAML 2.0. You can also use one of the manuals listed below:
Once you have configured your IDP, copy and paste the METADATA URL and press Save. After that, enable SAML SSO login with the toggle to start using it.

After you've enabled SAML SSO Login you will be able to log in to the Dashboard via the LOGIN URL.
Verify SSO
Open the LOGIN URL that you copied from Organization Settings. It should automatically redirect you to the IDP sign-in page.
Enter your username and password. After a successful authentication, you will be redirected back to the VGS Dashboard.
Restricting access to SSO-only logins
Only users logging in with your configured IDP will be able to access your organization. Users logging in with username/password, or with a different IDP, will be denied access to your organization.
To enable SSO-only login you need to follow these simple steps:
Log in with your IDP via the LOGIN URL.
Enable the "Require organization members to sign in using SAML SSO" toggle on the Organization Settings page.
Access to your organization is now restricted to only those users that have logged in using your IDP via the LOGIN URL.
You may want to use this feature to ensure that users removed from your IDP can no longer see Organization details.