SSO Implementation Customer Overview
Vyopta provides Single Sign-On (SSO) through the Security Assertion Markup Language (SAML) standard. This mechanism, allows customers, through their Identity Provider (IdP) platform of choice, to provide authorization credentials to Vyopta’s Collaboration Performance Management (CPM) application, which plays the Service Provider (SP) role in the SAML negotiation process. Customers must have IdP software installed that supports the SAML 2.0 standard. Examples of compliant IdP software include Microsoft ADFS 2.1 or later, Okta, Oracle Identity Federation, SailPoint IdentityNow, and SecureAuth, as well as a free option called OpenTPS. The SAML 2.0 standard is widely accepted, so it is likely that your IdP platform supports it.
Before we can start with the SSO integration, we will need to schedule a kickoff meeting to review how the integration works, and the requirements behind the integration. We suggest having a member of your Identity Provider team to be part of the kickoff call.
To start off the integration process, please open a new ticket on our support team and ask the support team to schedule a SSO kickoff call, and we will will go ahead and schedule the call. During the kickoff call, we will be providing additional information to set up the integration.
Required IdP Assertions
Your IdP software must be configured to provide the following assertions, for our SSO integration to work:
● email: required - user's email (used as ID)
● name: required - user's display name
● memberOf: required - comma separated list of Vyopta application groups. There are four groups currently honored by the Vyopta application:
- vyopta_admin - Vyopta application administrator. This includes vAnalytics viewer privileges. (Therefore, an administrator does not need to be included in both groups.)
- vyopta_vanrptvwr - Vyopta vAnalytics viewer (our 'default' role for CPM Monitoring, CPM Analytics and Workspace Insights)
- vyopta_vanrptrdr - Vyopta vAnalytics viewer reader only. This user will only have access to viewing dashboards and datasets in both CPM Monitoring, CPM Analytics and Workspace Insights.
- vyopta_vandbvwr - Strict Dashboard Viewer role. This user will only have access to viewing dashboards only in CPM Monitoring, CPM Analytics, and Workspace Insights
Please sign in to leave a comment.