|
|
|
|
|
|
|
|
|
|
|
|
|
|
When SAML SSO is activated for a user account, the user will no longer log in to the service using their service credentials. Instead, users will click a link to enter a username and password to authenticate to their identity provider (IdP). Upon successful authentication, the IdP redirects to the service's Assertion Consumer Service URL, the service validates the contents of the response, resolves the usernames and starts the user's session.
The account must have these settings:
1) SAML SSO must be enabled for your subscription by support or your account manager.
2) The New Data Security Model must be accepted for the subscription. A Manager can opt in by going to Users > Setup > Security.
Go to Users > Setup > SAML SSO Setup. Select the option "Enable SAML SSO for new users".
Go to Users > Users and edit the user's account. You'll see the SAML SSO option in the Security section.
If both Symantec VIP and SAML SSO are turned on for the same account, SAML SSO will be used and the Symantec VIP option will be ignored.