Single sign-on
As a cloud application, Network requires that a customer’s IdP is accessible from the internet, either directly or through some kind of broker or gateway.
For example, Network can integrate with a customer’s internal Microsoft Active Directory (AD) implementation through a third-party identity management solution such as Okta™, Ping Identity™, or Symplified™.
SSO can be initiated by one of the following:
- Identity Provider (IdP): Service responsible for user authentication and authorization.
- Service Provider (SP): Application, such as Network, to which the IdP gives users access.
Benefits of using SSO
- Users can access multiple secure applications without having to sign into each one separately.
- Administrators can see user names instead of just user types for monitoring Network activity.
- Users can be automatically created or inactivated.
Enabling this feature
The following tasks are required:
- Administrator
- Add and configure a Network application on the identity provider's site.
- Configure IdP details and map attributes in Network.
- Create and assign a security policy for SSO users.
Note: By default, single sign-on is not enabled in Network. You must contact Veeva Network Support to enable SSO for your Network instance.
User activities
The following activities are available depending on the user type:
| Activity | Standard User | Data Steward | Data Manager | Administrator |
|---|---|---|---|---|
| Configure SSO SAML settings |
|
|||
| Provision users |
|
|||
| Log in using SSO |
|
|
|
|