Description

There are two ways to initiate Single Sign-on (SSO) with Security Assertion Markup Language (SAML). 

1. Service Provider (SP) initiated sign-on

2. Identity Provider (IDP) initiated sign-on.

Arctera is the SP and the IDP would be any 3rd party vendor such as Okta, OneLogin, PingOne, etc.  Arctera only supports SP initiated sign-on, which uses a unique Personal Archive (PA) URL with an appended Customer ID (CID).  This CID is created in Administration Console (Policy Management -> Authentication Management) after SSO is fully configured for Arctera Unified Platform.  It will look like the example below: 

https://personal.us1.arctera.com?CID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Only by going directly to the PA URL will the SSO process properly resolve, allowing users to login to their archive.  Most IDP's provide a home page in which they can place shortcut buttons for their SSO.  This is not supported by Arctera and must be configured by the 3rd party vendor. 

How to initiate Single Sign-on (SSO) with SAML