Please log in to continue
WalkMe stores your data in the region chosen during account setup.
We have data centers in the US and EU that follow local privacy and compliance laws. If you're not sure which region to select, check with your admin.
An Identity Provider (IDP) is a service that stores and manages digital identities. When integrated with WalkMe, your IDP becomes the single source of truth for user identification — replacing the need to define a unique user ID for each system separately.
IDP Integration lets you:
For any new system, IDP Integration is the recommended approach to user identification.
To access IDP Integration in the console:
To access IDP Integration in the Admin Center:
WalkMe IDP Integration supports three authentication protocols:
The following vendors are supported for OAuth 2.0 and OpenID Connect:
Before setting up IDP Integration, an IDP application must be created to serve as the connection point between your identity provider and WalkMe. Setup instructions for all supported vendors are available directly in the configuration screen.
Additional requirements:
Enforce SSO controls what happens when a user's IDP token is not recognized on page load.
IDP authentication must occur before WalkMe content loads. If the token is not recognized, the user is redirected to their IDP login page. If authentication fails — due to the IDP being unavailable, invalid credentials, or the user not being assigned to the IDP app — Enforce SSO is disabled for one hour and the user identifier automatically falls back to WalkMe ID, or WalkMe will not load depending on your configuration. After one hour, if the token is still not recognized, the user is redirected to the IDP login page again.
IDP authentication is attempted on page load, but if no active token exists, the user is not redirected. The user identifier automatically falls back to WalkMe ID, or WalkMe will not load depending on your configuration.
To set up and manage IDP Integration, refer to the IDP Integration: Getting Started Guide.
After assigning systems to an IDP, the UUID setting for those systems is automatically set to IDP and published — no further action is required. The only way to change the UUID is to unassign the system from the IDP vendor. For changes to take effect, systems must be updated to the latest WalkMe version via a settings publish. For Enterprise accounts, select Update to the latest WalkMe version when publishing.
Changing the user identifier affects how WalkMe recognizes users. Each user is treated as a new user tied to their new UUID value. This can reset Auto Play rules and cause completed Onboarding Tasks to appear incomplete.
String and number date types are not supported in Insights filtering and editor segmentation.
Mobile Web is automatically activated after IDP setup is complete. If Mobile Web is added after IDP or OneID is already active, deactivate and reactivate IDP to enable Mobile Web support.
Don't set 2FA on the WalkMe IDP application for users. It introduces additional authentication steps that interrupt the seamless login flow IDP Integration is designed to provide.
The Safari browser extension is not supported.
After setup, use imported IDP attributes for content segmentation in Insights and in the Editor under User Attributes > IDP, with filter conditions based on the configured data field type.