INFOYou’ll need a SAML 2.0 identity provider server set up before you can follow this guide.
- Create a SAML SSO application in your identity provider (IDP).
- Create and assign users to your SAML SSO application in your IDP. Users must have the following attributes:
- First name
- Last name
- Contact MX for your Client ID attribute. You’ll set this value in your IDP later.
- Send MX the following:
- A valid x.509 certificate used to verify the SAML responses you send. We’ll also accept an XML configuration file.
- The certificate fingerprint.
- The certificate fingerprint algorithm.
- Configure your SAML SSO application in your IDP:
- Set Entity ID to
https://dashboard.mx.com/saml/sp - Set Reply URL (Assertion Consumer Services URL) to
https://dashboard.mx.com/saml(this value may defer if you’re testing in a different environment). - Set Relay URL to
https://dashboard.mx.com/(this value may defer if you’re testing in a different environment). - Set Client ID to the value sent by MX.
- See Attributes for a list of all attributes, their supported formats, and descriptions.
- Set Entity ID to
Attributes
Use the following attributes when configuring your SAML SSO application in your IDP.| Attribute Name | Supported Attribute Formats | Description |
|---|---|---|
| Client Id | client_id, clientId, ClientId, Client ID | This is needed so we can identify and then verify your association to the user attempting to sign in. It’s required to be passed in through the SAML response itself. |
mail, email, email_address, emailAddress, EmailAddress, Email Address | The user’s email address. | |
| First Name | first_name, firstName, FirstName, First Name | The user’s first name. |
| Last Name | last_name, lastName, LastName, Last Name | The user’s last name. |
| NameID | nameid |
|

