Make your operators' lives easier by allowing them to authenticate within iAdvize from their own centralized authentication system (Identity Provider).
2. Use case
If the operators have to switch between several apps (including iAdvize) during their daily work, SAML is one of the most recognized SSO protocols in the market today and is very well spread across large companies. It allows customers to authenticate their users within iAdvize by using their own centralized authentication system (Identity Provider).
SAML authentication can be useful for two main reasons:
- security: it allows customers to authenticate their users into multiple tools with only one centralized user account for each user(thus requiring one login/password only), and to parameter user authentication and authorizations to multiple tools from a single authentication system.
- user deployment: it allows customers to onboard lots of users (hundreds or thousands) easily and quickly without the need for creating and handling specific user/password for each of them. It’s based on the domain controller/Active Directory/database users’ password.
If you are interested in using the SSO SAML Authentication, please get in touch with your Customer Success Manager.
iAdvize uses the email address as a unicity key so it has to be unique.
The user email address has to be the same between iAdvize and your Identity Provider.
The users must be also created on the domain controller/Active Directory/database beforehand.
5. Implementation steps
Here are the following steps to fulfill in order to configure the connection:
|5.1.3. Expose the email of your user as a Name ID or specific SAML attribute||> iAdvize uses the email to map your users to iAdvize users|
|5.1.4. (optional) Send us your email domain to force users to use SSO||> That is applicable only if you want to use mobile application and/or you do not want to use SAML direct link or to avoid login/password connection|
5.2. Connecting a user
6. Current limitations
- logout is not available
- no auto-provisioning (you can create iAdvize users through API)