Symptoms

Under the User Management, the user's email address is displayed as an alpha-numeric string instead of in the email address format.

 



Cause

When using the "POST" attribute instead of "GET" in the SAML request causes the user's email address associated with the SSO to show up as an encrypted, alpha-numeric value.



Resolution

Use "GET" and not the "POST" attribute when configuring your Identity Provider. 

When you log in using SSO, VIDIZMO sends a request to your IDP for authentication. Upon authentication, VIDIZMO receives a response from the IDP - the SAML response, containing attributes required for integration with VIDIZMO. 


Every SAML Identity Provider has a different set of attributes that records user data like User Name, First Name, Last Name, and Email etc. This data needs to be mapped correctly in VIDIZMO which has its own set of attributes to capture information in its database. 


For the information to match between the two applications, you need to have the following attributes either as an exact match or you will have to define them in the SAML Identity Provider: 


Attributes required from SAML Identity Providers for integration with VIDIZMO

VIDIZMO Attribute

Value

User.Email

Email Address

User.FirstName

First name

User.LastName

Last Name

Primarysid

User-Principal-Name/SID

Groups

Token-Groups-Unqualified Names


In addition to the attributes defined above, the following information is also required from the SAML Identity Provider:

  • SAML Login URL
  • SAMLP Request 
  • Issuer URL from SAML response verifying the Identity Provider
  • Request Signing Certificate (X.509)



Click on the links below to learn more about SSO in VIDIZMO:


VIDIZMO Single Sign-on

Understanding Single Sign-On Options

Setting up Single Sign-on with VIDIZMO using SAML/ SAMLP

Difference Between Vidizmo ID Connector & ADFS Single Sign-On

How to Setup SSO Using Okta