Setup Single Sign-On in VDV

The IdP must be configured before the SSO Provider can be created in VDV. Please read Setup Azure AD for VDV or Manual provider setup for instructions.

You'll need the following info before continuing:

  • OpenID Connect Metadata URL
  • Client ID
  • Client Secret

Create new SSO Provider

  1. Open Setup -> Single Sign On and click the "+" button.
  2. Select the organization you want to configure SSO for.
    Enter the OpenID Connect Metadata URL from before. Everything except Client ID and Client Secret will be filled out automatically using the metadata.
    Use the Client ID and Secret Value from before.
  3. Select the contact group to send new user notifications to and enter a message for new users. This message is shown to users without any projects assigned to them.
Claim mappings are automatically configured for Azure AD. If you are using another IdP then make sure the mappings work with your IdP.
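
Because most provider fields are filled in from the metadata, it is worth checking the discovery document before trusting it. The following is an added example, not part of VDV: it checks an already-fetched OpenID Connect discovery document for the fields OpenID Connect Discovery 1.0 requires, for an issuer that matches the Metadata URL, and for HTTPS endpoints. The tenant GUID and sample document are constructed, and `check_metadata` is a hypothetical helper name.

```python
import json
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
# Fields OpenID Connect Discovery 1.0 marks as REQUIRED in provider metadata.
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")
ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri",
             "userinfo_endpoint")

def check_metadata(metadata_url, doc):
    """Return a list of problems found in a parsed OIDC discovery document."""
    problems = [f"missing required field: {k}" for k in REQUIRED if k not in doc]
    if metadata_url.endswith(WELL_KNOWN):
        # The issuer must equal the metadata URL minus the well-known suffix;
        # otherwise the document describes a different IdP than intended.
        expected = metadata_url[:-len(WELL_KNOWN)]
        if "issuer" in doc and doc["issuer"] != expected:
            problems.append(f"issuer {doc['issuer']!r} does not match metadata URL")
    else:
        problems.append(f"metadata URL does not end in {WELL_KNOWN}")
    # Tokens, keys and the client secret travel to these URLs: require TLS.
    for key in ("issuer",) + ENDPOINTS:
        value = doc.get(key)
        if value is not None and urlsplit(value).scheme != "https":
            problems.append(f"{key} is not an https URL: {value!r}")
    return problems

# Constructed sample modelled on the Azure AD v2.0 layout (placeholder tenant).
TENANT = "00000000-0000-0000-0000-000000000000"
BASE = f"https://login.microsoftonline.com/{TENANT}"
URL = f"{BASE}/v2.0{WELL_KNOWN}"
GOOD = json.loads(json.dumps({
    "issuer": f"{BASE}/v2.0",
    "authorization_endpoint": f"{BASE}/oauth2/v2.0/authorize",
    "token_endpoint": f"{BASE}/oauth2/v2.0/token",
    "jwks_uri": f"{BASE}/discovery/v2.0/keys",
    "response_types_supported": ["code", "id_token"],
    "subject_types_supported": ["pairwise"],
    "id_token_signing_alg_values_supported": ["RS256"],
}))

if __name__ == "__main__":
    for problem in check_metadata(URL, GOOD) or ["metadata looks consistent"]:
        print(problem)
```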

Administration and owning Organization settings

  1. "Allow admin mapping for this provider". Enabling this option allows specifying an SSO claim to look for and set the user as admin if it's found.
  2. "Allow admin role for this provider". Enable this to automatically set the user as Admin if they have the given role.
  3. "Allow all user roles". Enabling this allows the SSO provider to assign all user roles, even those not assigned to the owning Organization.

Configure the login page

  1. Open Setup -> Login Page and click edit on the login page you want to enable SSO on, or create another one.
  2. Click the "Enable SSO" checkbox and a new "Login with SSO" button will appear on the login page. The text in the button can be changed using the "SSO button text" option.
The login page must be owned by the same organization as the SSO provider.
