If a company already has SAML SSO set-up with PostBeyond and are changing the IdP (Identity Provider), make sure to follow these instructions to ensure a smooth process:
Step 1: The admin should let the CSM know that this is going to happen, and provide a time where they know that the least amount of users will be logging into the platform or a 'downtime' they've scheduled with ALL of the users.
Step 2: The Admin will provide the following information to PostBeyond:
- Single Sign On Service endpoint
- Logout Service endpoint
- X.509 Cert (certificate can be attached separately - not in the metadata file)
- Attributes: ( 1 ) givenname – user first name, ( 2 ) surname – user last name, ( 3 ) emailaddress – user email address
Note: The SP (Service Provider) metadata that was sent from PostBeyond the initial SSO set-up will remain the same
Step 3: During this scheduled downtime, PostBeyond will use the above data to make the changes to the platform. Once this process is completed, PostBeyond will notify the company's Admin and IT team that the switch over was completed.
Step 4: From there, we would suggest testing the SAML SSO set-up to ensure that it is working properly.