There are many reasons why your company may want to use your in-house identity provider (IDP) to authenticate users in the Monetate platform, most of which focus on security initiatives:
- It allows for different permission levels internally outside of what Monetate already offers.
- You can verify users in any kind of security audit and verify that only verified users are using the platform.
- Once you sign in, you're signed in to everything. You only need to remember one password.
With single sign-on (SSO), you can bring your own IDP and with some configuration, use client-initiated SSO. Monetate currently doesn't support a Log in with Google option.
SSO works for all accounts under your retailer.
Setting Up SSO
Follow these steps to set up SSO for the Monetate platform.
- Click the settings cog icon in the upper-right corner of the Monetate platform, and then click Integration.
- Click the SSO tab.
- Input the information that appears in the Monetate SSO Settings section into your IDP system.
- Click INSTALL SSO, input the necessary information in the Install SSO modal, and then click INSTALL.
Monetate SSO Settings
The following information appears in the Monetate SSO Settings section of the SSO tab.
Item | Example |
---|---|
Single Sign-On URL | marketer.monetate.net/auth/sso/complete/saml/ |
Metadata URL | marketer.monetate.net/auth/saml/metadata/sp/ |
Audience | marketer.monetate.net/sp |
Relay State | fifthlevelfashion |
Name ID Format | EmailAddress |
Required Attributes |
|
IDP Settings
You must input into the Install SSO modal certain information from your SSO provider. Your IT team should be able to provide you with this information.
Item | Description | Example |
---|---|---|
Entity ID | The ID for your IDP | http://www.okta.com/exkg3h0wg4HGJv79S0h7 |
Location (URL) | The URL for your IDP | https://dev-905741.oktapreview.com/a79S0h7/sso/sam |
509 Certificate | The certification for the IDP used to verify a request for authorization | A random string of letters and numbers |
Alternatively, you can also provide the metadata file from your SSO provider.