Currently, only authentication of existing users is supported via SAML 2.0. New team members cannot be automatically created by logging in through a SAML 2.0 provider. An admin will still need to create/invite the team member through the Medallia Agent Connect platform.

Step 1. Configure your Identity Provider

Below are the settings you will need to configure a new app within your Identity Provider, if you are unsure of your subdomain please reach out to your Client Services Manager.

Global Settings

You may not need all of these data points depending on your identity provider

** Same for Recipient and Destination URLs** Choose the field in your IdP where the email address or custom employee ID that is setup in Agent Connect can be found.

Okta

Steps: Admin> Applications> Create New App> Platform = Web, SAML 2.0

onelogin

PingIdentity

Steps: Admin> Applications> Add Application> New SAML Application​* Same for Recipient and Destination URLs

Step 2. Provide Your Configuration to Medallia

The identity provider should generate a couple of pieces of data that will need to be supplied to the Success team, which can be reached at implementation@stellaconnect.com

You will be asked to provide:

• Identity Provider Single Sign-On/Login URL

• X.509 Certificate

Step 3. Test the Configuration

Once the configuration has been setup within Agent Connect, you will be able to test the Single Sign-on by visiting https://{your_subdomain}.stellaconnect.net/employees/sign_in?sso=true and clicking Sign in with provider.

Step 4. Go Live

When you are completed with testing, just contact us and we will enable your SAML configuration to be the default and ONLY login option for all team members. At this point, all team members that visit the login page for Agent Connect will be immediately redirected to the Identity Provider for login.