SSO (Single Sign On) Configuration
MessageMedia provides Single Sign-On (SSO) functionality for enterprise customers to access the app through a single authentication source. This allows IT administrators to better manage team access and keeps information more secure.
We use SAML (Security Assertion Markup Language), a standard that permits identity managers to safely pass authorisation credentials to service providers like MessageMedia.
Configuring SSO in the MessageMedia web portal:
1. Start by logging in to the MessageMedia web portal as an admin on the parent account.
2. Go to Configuration, and then Single Sign-on (SSO)
3. Configure the email domains that you wish to enable for SSO.
Note - email domains can only be used once per account hierarchy (i.e. if you set an email domain at a sub-account level, you cannot set the same email domain on another sub-account).
4. Select your Identity Provider (IdP) - either Azure AD or Okta. If your IdP is not listed, please contact firstname.lastname@example.org about extending SSO support to your IdP.
5. Enter the XML provided by your IdP in the field provided
Once you have configured SAML SSO, follow these steps to complete the configuration:
6. Select whether or not you wish new user profiles to be automatically created when someone logs in using SSO but does not already have a MessageMedia User profile
7. Set the default user role to be assigned to these newly created profiles
8. Select the accounts & sub-accounts to which these new users will have access
9. Toggle this switch to "On" to force all users logging in using any of the previously selected email domains to go through the SSO process