Vantage Launches Self-Service SAML-based SSO Configuration

by Vantage Team


Self-service SSO

Today, Vantage announces the launch of self-service single sign-on (SSO) configuration. Customers can now set up and manage SAML-based SSO connections for their Vantage account without contacting Vantage support. This ultimately allows team members to seamlessly and securely connect to Vantage.

Previously, customers could configure their SAML, Azure Active Directory, or Google Workspace identity providers to power the login to their Vantage account. However, this required emailing Vantage support to receive instructions and exchanging details in order for Vantage to complete the setup, which took time and was prone to error.

Now, customers have the ability to self-manage their SAML-based SSO configuration. Account owners can visit the “Authentication” section of account settings to manage their account’s SSO configuration. From this page, SSO connections can be added, removed, enabled, or disabled. Any existing connections will be shown on this page automatically.

This feature is now available for all users. To enable a SAML SSO configuration, account owners can visit the new Authentication section of the account settings page. If you have further questions on how to configure your IdP for Vantage, visit our documentation page and select your identity provider.

Frequently Asked Questions

1. What is being launched today?

Today, Vantage is launching the ability for all users to self-manage their account’s SAML SSO configuration. Customers can manage existing connections or setup a new connection.

2. Who is the customer?

The customer is any Vantage user who wishes to configure Single Sign On for their Vantage account.

3. How much does this cost?

There is no additional cost to using SSO.

4. Which IdP providers does Vantage support?

Currently, all SAML 2.0 providers (with Okta being the most popular) are supported for self-service configuration. Vantage also supports AzureAD and Google Workspace which you can configure by emailing support@vantage.sh.

5. How do I configure my IdP to work with Vantage?

Each provider has different instructions. You can visit our SSO Documentation page and follow the relevant instructions for your provider.

6. How can I safely test the SSO configuration without locking myself out of my account?

The recommended steps for testing your SSO configuration are as follows:

  • Enable the connection for your account
  • Do not close or log out of your current session
  • Open a private browser and visit https://console.vantage.sh
  • If your SSO connection is configured correctly you will be redirected to your IdP upon entering your email address
  • If you are able to complete the login, this means your configuration is correct

7. If I use an IdP which is not in the supported provider list can I still setup SSO for my Vantage account?

If you use a provider that is not on the list, you can contact support@vantage.sh to determine whether or not we can support your provider.

8. Which roles in my account can configure SSO connections?

To manage SSO connections, you must be an owner.

9. Are multiple email domains from the same configuration supported?

As part of the setup, the email domain configured for your account will be automatically set up. If you want to add other domains that are configured in your IdP, you can contact support@vantage.sh.

10. If I already have SSO configured for my Vantage account do I need to do anything?

You do not. Any previously configured SSO configuration will be displayed.

11. I use Sign in With Google for login. Can I configure this for my Vantage account?

At this time we do not support enforcing Sign In with Google for your email domain. You must still invite users individually to your account who can then use Sign In with Google. This is something we plan to support in the future.

12. Are new users automatically provisioned on first login?

Yes, new users are automatically provisioned as the Editor role. You can change this setting as part of your SSO configuration.

13. Will my users lose access when I enable SSO?

Once SSO is enabled users will not be able to login using username and password and must go through the SSO flow. It is recommended to test your configuration end-to-end after first enabling it to ensure other users in your account are able to login to Vantage.

14. Can I invite users from outside my organization?

Yes, if you wish to invite users who have a different email domain to your SSO enabled account you can add them from the users page.

15. Can I configure multiple SSO Providers for my Vantage account?

No, at this time you are only able to configure a single SSO provider for your Vantage account.

16. What is an IdP?

An IdP, or Identity Provider, is a trusted entity that authenticates and provides identity information for users in a system. It is commonly used in Single Sign-On (SSO) systems to verify a user’s identity and provide access to multiple applications and services without requiring the user to log in separately to each one.

17. What is SAML?

SAML (Security Assertion Markup Language) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. It is widely used for implementing Single Sign-On (SSO) for web applications.

18. Can Support help if I get locked out of my account?

Yes, contact support@vantage.sh to disable your SSO connection.

19. Can I configure log-in to Vantage directly from my IdP portal?

No, for security reasons Vantage does not support IdP-initiated login.