1. Login to your IBM Cloud Identity account with administrator credentials.
2. Click Add application.
3. Click Add application again.
4. Select Custom Application and click Add application.
5. On the Add Application > General tab, enter the following data:
Name: Valimail Defend
Company Name: Valimail
6. Click the Sign-on tab and enter the following data:
Sign-on Method: SAML 2.0
Provider ID: https://defend.valimail.com
Assertion Consumer Service URL: https://defend.valimail.com/sso/consume
Check Use Identity provider initiated single sign-on
7. Scroll down to the Attribute Mappings section and enter values indicated in the below screenshot and click Save.
8. In the right-panel, locate section 4 and download the Identity Provider Federate Metadata file and save it to your local drive.
9. Now login to https://defend.valimail.com, click your Account Name (in the upper-right corner), and click Account Settings.
10. Click Setup in the Authentication > Single Sign-On section.
12. Enter the following information:
IdP Metadata File: click Choose File and upload the file you saved in Step 8.
Enable JIT Provisioning (optional): Check this option to enable Just In Time (JIT) Provisioning.
Provisioning Domains (for JIT): Add one or more provisioning domains.
Click Enable Single Sign-On.
13. Before testing SSO, ensure the users you wish to test with are listed as users in the Valimail Account Settings > Users section (unless JIT Provisioning is enable, in which case this is not necessary).
⚠️ If SSO was unsuccessful and you're unable to login to Valimail Enforce, just email firstname.lastname@example.org for assistance.