1. Login to your Ipdative Portal as an administrator.
2. Click Web Apps in the left pane, then click Add Web Apps.
3. Click the Custom tab, then scroll down and click Add for the SAML web app type.
4. Click Yes to the confirmation questions "Do you want to add this application?", then click Close.
5. On the Settings page, enter the following details:
- Name: Valimail Enforce
- Description: <set to blank or a description of your choice>
- Logo: Download the 180x180 Valimail logo from here to your local machine, then upload it to Ipdativ.
- Application ID: https://app.valimail.com
6. Click Save.
7. Click Trust in the left-center pane, then click Download Metadata File. Save the file to your local drive.
8. Scroll down to the Service Provider Configuration section and select Manual Configuration.
Enter the following details and as depicted in the following screenshot:
- SP Entity ID / Issuer / Audience: https://app.valimail.com
- Assertion Consumer Service (ACS) URL: https://app.valimail.com/sso/consume
9. Click Save.
10. Click SAML Response in the left-center pane and add the additional attributes as depicted below, then click Save.
Set things up in the Valimail platform
1. Be sure to add any users who should have access SSO access to Valimail, including the administrator user with which you are currently logged into Centrify.
⚠️SSO testing will fail unless you add your user during this step and also ensure the user has already been added as a user in the Valimail Product under Account Settings.
2. In a new browser tab/window, go to https://app.valimail.com and login to Valimail with your username and password.
3. Click on your account name and click Account Settings.
4. In the Account Security section, click Setup.
5. In the Single Sign-on Configuration section, click Upload IDP metadata file.
6. Locate the XML file you saved in a previous step and upload it. You can drag and drop it or click Add IDP metadata file to open a browser to find your file.
7. Click Enable.
Test it Out
1. Testing IdP-initiated SSO: Open up a private/incognito window in your browser and go to the Centrify login portal, login with your Centrify credentials. If SSO was successful, you'll arrive at the Valimail home page for your account.
2. Testing SP-initiated SSO: Open up a private/incognito window in your browser and go to https://app.valimail.com and enter your Centrify username (which is usually an email address). The password field will become disabled and you can click Log In with SSO. You will then be taken to the Centrify login screen and the IdP-initiated login flow. If SSO was successful, you'll arrive at the Valimail home page for your account.