Security Assertion Markup Language, or SAML, is an authentication standard that allows a unified identity platform, like Okta or Azure, to authenticate users in lieu of a typical username and password.
After Filevine’s SAML integration is enabled, users can log in using their SSO credentials—eliminating the need to remember yet another password and enhancing security for your IT network.
To enable SAML, reach out to your Filevine representative.
Filevine SAML is meant to be set up and maintained by a seasoned IT professional. Filevine provides only limited support in setting up the SSO connection, and does not provide support after the SSO connection is set up.
Heads Up!
SAML can sometimes be used to facilitate provisioning of permissions in an application. For example, in some implementations, the identity platform admin controls application permissions from the SAML provider. However, Filevine SAML serves as a method of authentication only. Any additional permissions must be granted within Filevine.
Invite SAML Users
To add a new SSO-enabled user, assign the Filevine application to the user in your SAML provider. The first time they access Filevine through your SAML provider, a Filevine account will be created for them. If you only have one Org, the new user is added automatically. Additional permissions can be assigned afterward.
If you’d like to notify the user that they’ve been granted access to Filevine, you can send them an SSO-enabled invite from Filevine via email. When they click the email link, they will be routed to Filevine through your organization’s SAML provider.
User Experience
On the login screen, users can click Sign in with [Provider Name]. This action directs the user to the login screen for the customer’s SSO provider.
Once the user is authenticated, they are redirected back to Filevine. If a user has already logged in to the company’s SSO in their browser, they’ll be logged in immediately after pressing the SSO button.
Account Manager Tool
In the Account Manager tool, Account Admins can manage their users’ access, including disabling MFA, setting temporary passwords, and disabling and enabling other users. They can also view user authentication activity, like attempted sign-ins and forgot-password requests.