When your tenant is configured with an External Identity Provider, users don’t sign in with a Vantage password — they authenticate with the provider, and Vantage grants access based on the provider’s confirmation.Documentation Index
Fetch the complete documentation index at: https://docs.abbyy.com/llms.txt
Use this file to discover all available pages before exploring further.
Sign in via an External Identity Provider
Enter your corporate email
On the Vantage sign-in page, enter your email in the Corporate email field. Vantage redirects you to the Identity Provider’s sign-in page.
If your email is registered in multiple tenants configured with the same Identity Provider, Vantage prompts you to choose the tenant you want to sign in to.
Authentication workflow with SAML assertions
The SAML 2.0 standard secures communication between Vantage (the service provider) and the External Identity Provider. Vantage uses SAML assertions to exchange authentication data with a SAML 2.0 External Identity Provider. Under the hood, a SAML sign-in looks like this:- The user requests access to Vantage.
- Vantage generates a SAML assertion, sends it to the External Identity Provider (via POST or GET), and redirects the user to the provider’s sign-in page.
- The user authenticates with the External Identity Provider.
- The External Identity Provider generates a signed assertion and token.
- The provider forwards the signed assertion and token back to Vantage (via POST or GET). If valid, Vantage establishes a session.
Related topics
Authentication
Sign-in flows for Vantage tenants
Setting up an External Identity Provider
Overview of OAuth 2.0 and SAML 2.0 provider setup
Setting up an External Identity Provider for a tenant
Apply the External Identity Provider to your tenant
Tenant login URL
Tenant-specific sign-in URLs