What is an Enterprise SSO?
Enterprise SSO (Single Sign-On) is a feature of VALD that allows all users in your organization to securely access all applications in the VALD suite using your designated Identity Management Provider.
When set up, your IT administrator can enforce corporate security policies for every VALD user and centrally manage users through your Identity Management Provider.
How do I register for Enterprise SSO with VALD?
To discuss suitability for enabling Enterprise SSO within your VALD organization, please reach out to your local VALD Business Development Manager.
Using Enterprise SSO with VALD
Logging in
When you register for Enterprise SSO you will need to nominate what email domains should use your Identity Management Provider.
When a user attempts to log in to a VALD application using an email address with that domain, they will be redirected to authenticate with your organization's Identity Management Provider.
Inviting new users
Once you have set up Enterprise SSO on your VALD account, you can easily invite new users with the your nominated email domains.
- In VALD Hub, navigate to Management > User Access.
- Click the button in the top-right.
- Enter in the details of your new user, and set their appropriate user permissions.
- Click the button to send an invitation to the new user.
Each new user will need to open their invitation email and activate their account before they are able to log in.
Troubleshooting and FAQs
Can I resend an invite to a user?
If you have sent an invitation to a new user and they are yet to activate their user account (or have lost their activation email), you can resend this in the User Access screen.
- Navigate to Management > User Access and click into the Invitations tab.
- Locate the user and click the three dots next to their name, selecting Resent Invite Email.
Invitations can also be redacted if you so wish.
I want to set up Enterprise SSO, but what happens to my existing users?
Once you register for Enterprise SSO, all existing users will be redirected to authenticate their next login with your designated identity provider.
To avoid malicious actors, we require that the user enter their existing username and password to prove that they own the account.
After that initial login, the accounts will be linked and all future logins will redirect to your designated identity provider.
How does the logic work for adding new users if I don't have Enterprise SSO?
You can add give new users access to your VALD organization account by following our support guide.
When a new user is added to a VALD organization, we firstly check if the user already exists within our environment.
If the user exists | We will grant them access to the organization. |
If the user does not exist |
We will firstly need to create them in our Identity Management System and then grant them permission. In the case of Enterprise SSO users, we do not create them. Instead, they are registered with the Identity Management System when they first log in. |
Can users sign up for TeleHab with Enterprise SSO?
The TeleHab functions and features are already available natively within VALD Hub. If a user attempts to sign up for a new TeleHab-only organization using an email domain registered for Enterprise SSO, the organization will not be created.
This is to ensure all user accounts and organizations are centrally managed by your Identity Management Provider.
xThey will receive an email instructing them to contact the VALD Support Team at support@vald.com.
Can we use email aliases to create new users?
Due to the functions and limitations of Enterprise SSO, email aliases (e.g. "username+alias@domain.com") cannot be used.
Comments
0 comments
Please sign in to leave a comment.