Skip to main content
All CollectionsValimail SuiteGeneral SettingsSSO for Valigov
Integrating Valigov Enforce with a SAML 2.0 SSO Provider
Integrating Valigov Enforce with a SAML 2.0 SSO Provider
Updated over a year ago

Valigov Enforce supports integration with Identity Providers (IdP) that support the XML-based Security Assertion Markup Language (SAML) 2.0 protocol.

For IdPs where Valigov Enforce doesn't appear in the app catalog or those without app catalogs, but support SAML 2.0, Valigov can be implemented using the following instructions.

Configuring Valigov Enforce with an IdP is a two-step process. Step 1 involves working within the IdP to configure Enforce as an app. Step 2 involves working within Enforce.

Step 1: IdP Configuration

A SAML 2.0 compliant IdP will typically require, at a minimum, the following data to configure an app:

Attribute Name

Value

SAML Assertion Consumer Service (ACS) URL

Recipient URL

Destination

Audience URI (SP Entity ID)

Default RelayState

leave blank

Name ID Format

This should be in the form of an email address.

Name ID: Some IdPs may need to know what format in which to send the Name ID to Valigov. The IdP should send in the format of an email address.

Additional Attributes: Enforce expects some additional user information to be passed by the IdP, these are:

Attribute Name

Name Format

Value

FirstName

Unspecified

The user's first name as it appears in the IdP.

LastName

Unspecified

The user's last name as it appears in the IdP.

⚠️ Note: the attribute names above are case-sensitive and should appear in the IdP configuration exactly as they do here.

Step 2: Valigov Enforce Configuration

1. Obtain the IdP Metadata file from your SSO provider. Some providers make this available through their user interface or online help, while others may require you to contact their Support Team. You will need this before continuing with setup.

⚠️SSO testing will fail unless you have also added to Valigov Enforce any users who should have access. Ensure users have already been added in Valigov Enforce under Account Settings.

2. In a new browser tab/window, go to https://app.valigov.com and login to Valigov with your username and password.

3. Click on your account name and click Account Settings.

a screen shot of a computer

4. In the Authentication section, click the Setup button.

a screenshot of a computer

5. In the Single Sign-on Configuration section, scroll down to the IDP Metadata File section and click the Choose File button. Locate the XML file you saved in Step 16 and upload it.

a close-up of a box

6. Then click

a blue rectangle with white text

at the bottom of the page.

7. Testing IdP-initiated SSO: Open up a private/incognito window in your browser and go to your SSO provider's login portal, login with your SSO credentials, locate and then launch the Valigov Enforce app. If SSO was successful, you'll arrive at the Valigov Enforce home page for your account.

8. Testing SP-initiated SSO: Open up a private/incognito window in your browser and go to https://app.valigov.com and enter your SSO username (email address). You will see the following message -- click Sign in with SSO. You will then be taken to your SSO provider's login screen and the IdP-initiated login flow. If SSO was successful, you'll arrive at the Valigov Enforce home page for your account.

a screenshot of a sign in
Did this answer your question?