Skip to main content
Version: 2024.12.12

Connect to SAML Provider

In this topic, you will find instructions on how to establish a connection with an identity provider using the SAML protocol.

Prerequisites

Before you begin, ensure to have the following details from your IdP readily available:

  • metadata URL (different IdPs may have different names for this)
  • The assertion names for the following user information: first name, last name, username, email. For more information, see Map User Data.
note

This information can be obtained by reviewing the Digital.ai application instance configured in your IdP. If you have not already created an app instance for Digital.ai, you must do so before continuing. We recommend working with your IT team or whoever manages SSO administration at your company.

Log in to the Digital.ai Platform

  1. Log in to the Platform as an administrator.
  2. In the left navigation, under SSO, click Identity providers.
    • Alternatively, you can click the Setup identity provider on the Platform overview page.
  3. Click Add identity provider button to open the identity provider configuration wizard.

Step 1: Select Provider Page

On the Select provider page, do the following:

  1. In Select authentication service, choose Add SAML Provider.
  2. In Select identity provider, choose the provider that your company uses. If your provider is not listed, choose Other.
  3. Under Configure your Identity provider, in Identity Provider display name, add a unique, user-friendly name for the IdP. This name will appear on the Digital.ai Platform login page.
  4. Click Next.

Step 2: Config identity provider and metadata Page

On the Config identity provider and metadata page, do the following:

  1. Copy the Redirect URI and Service Provider Entity ID.

  2. Now, in another browser window, you'll need to move over to your IdP account and use the Redirect URI and Service Provider Entity ID to identify the Digital.ai Platform as a valid redirect URL. The process for completing this task will differ depending on which IdP you use.

    note

    Depending on your role in your organization, you may need assistance from IT or whoever manages SSO administration at your company.

    tip

    After you do this, you should be able to find the metadata URL if you hadn't already.

  3. Select I have the metadata URL for my identity provider and paste the metadata URL into the Enter Metadata URL field.

    • You can alternatively choose one of the other options here if it makes more sense for your situation.
  4. Click Next.

Step 3: General Page

On the General page, do the following:

  1. In SAML configuration, enter the Single Sign-On Service URL.
  2. Click Next

Step 4: Advanced config Page

  1. Review the page and make any changes if necessary.
  2. Ensure that Sync Mode is set to FORCE. Sync Mode is set to FORCE by default, which allows Digital.ai to update a stored user's data whenever it is changed in the IdP. If you set it to IMPORT, user data is only imported the first time they log in through the IdP.
  3. Click Next.

Step 5: Mappers Page

Mappers are required to ensure that the Platform correctly parses user information from your IdP. For more information and instructions on how to add mappers on this page, see Map User Data.

Step 6: Summary Page

  1. On the Summary page you can review the configuration details.
  2. Click Create identity provider.

A new button will now appear on the Digital.ai Platform login page with the name you added at the beginning of this procedure.