IDP Integration

Updated on September 22, 2019 Download PDFDownload as PDF
Download PDF

Brief Overview

IDP Integration can be used to validate end-users identity, enrich content segmentation capabilities and expand on user behavior monitoring. Providing one reliable and secure User ID across any system without the need of defining the unique user ID for each system with different variables.

End-User Flow:

Important:

IDP Integration is currently supported on Okta and G-Suite systems.

Use Cases

  • End-user IDP authentication as a prerequisite to present WalkMe content.
  • Expanding content segmentation capabilities by IDP parameters (for example – groups, region, department, etc).
  • Accurate data monitoring across systems.

Pre-requisites

An IDP application needs to be created to serve as the “bridge” between IDP and WalkMe’s Integration Center.

An instruction guide is available in the Integration Center on the configuration screen for both Okta and Google.

Note: Once the end-user ID in the Editor is set to use IDP ID, all events sent to Insights will restart with the new ID.

Creating and Setting an Integration 

1. Navigate to Integration Center within Insights

2. Choose “IDP Integration”

3. Fill the fields according to the instructions guide

4. Press “Save”

5. Open WalkMe Editor within the system you would like to use IDP as User Identifier on

6. Click “Settings” and set User Identifier parameter to “IDP” (This option will be available to any system under the configured account)

7. Save settings

Note: IDP Integration is configured on account-level on Integration Center phase. Changing the User Identifier parameter is done on system-level.

Best Practices

  • “Enforce SSO” configuration –
    • Enabled – IDP authentication must occur before opening a web page to end-user, if IDP token is not recognized then the end-user will be redirected to its IDP login page.
    • Disabled – IDP authentication is attempted upon page load, but if there’s is not an active token for IDP then end-user won’t be redirected to IDP. Its User Identifier will be downscaled automatically to “WalkMe ID” method.

Limitations

  • Important:¬†Changing User Identifier impacts the way WalkMe identifies end-users and may reset “Play once” configurations.

Please be aware that, if your implementation is already live, changing the User Identifier impacts the way WalkMe identifies end-users. This could result in resetting auto-play rules (ie. Play Once settings) or users seeing their Onboarding tasks marked as uncomplete, due to their unique user identifier (UUID) being changed. There is no way around this limitation, as each user is being recognized as a new user, tied to their new UUID value.

  • IDP Integration is configured one account-level (One configured on Insights of a specific system, it will be available for all systems).
  • Only one IDP Integration is available per account.

Was this article helpful?

Related Articles