Vanta - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Vanta using MPAS. SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials. This integration enhances security and improves user experience across your organization.
To set up Multi-Pass with Vanta, ensure you meet the following requirements:
- Vanta admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in Vanta are registered in your IdP and have the necessary permissions to access Vanta.
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.
Vanta - SSO configuration
Step 1 - Vanta Configuration
- Log into Vanta as an Administrator.
- Go to Settings, Select Login and Security
- Manually configure SAML.
- Copy the three URLs provided by Vanta
- SP Entity ID
- ACS URL
- SP Metadata URL
- Open the SP Metadata URL and save as XML (e.g.,
VantaMetadata.xml).
Vanta SAML Values
| SP Field | Value |
|---|---|
| SP Entity ID | https://vanta.com/sso/<TENANT_ID>/saml/metadata |
| Assertion Consumer Service (ACS) URL | https://vanta.com/sso/<TENANT_ID>/saml/acs |
| SP Metadata URL | https://vanta.com/sso/<TENANT_ID>/saml/metadata |
Complete Vanta with IdP info (after Step 2)
- Return to Settings, Login and Security and Manually configure SAML.
- Under Identity Provider Configuration, click Edit configuration.
- Paste the Tenant XML Data URL from Multi-Pass into the URL field.
| Field | Value |
|---|---|
| Tenant XML Data URL (IdP Metadata) | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml/descriptor |
Step 2 - Multi-Pass Configuration
Create the application from Vanta metadata
- Open Multi-Pass Dashboard
- Select your tenant
- Go to Integrations, click on Applications
- Choose SAML under Custom Integrations.
- Click Upload File and upload
VantaMetadata.xml.
- Verify all fields are correctly populated
SAML — Form values (Multi-Pass)
| Field | Value |
|---|---|
| Client ID (= SP Entity ID) | https://vanta.com/sso/<TENANT_ID>/saml/metadata |
| Name | Vanta |
| Description | SSO integration |
| Assertion Consumer Service (ACS) URL | https://vanta.com/sso/<TENANT_ID>/saml/acs |
| NameID Policy Format |
- Click Download under Tenant XML data and save locally (its URL will be used in Vanta).
- then click Add Integration.
- Open Advanced Console (right panel)
- Click on clients and use the search bar to look for Vanta
- Find the Vanta client and verify the sections below.
General settings
| Field | Value |
|---|---|
| Client ID | https://vanta.com/sso/<TENANT_ID>/saml/metadata |
| Name | Vanta |
| Description | SSO integration |
| Always Display in UI | ON |
Access settings
| Field | Value |
|---|---|
| Home URL (IdP-initiated) | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml/clients/Vanta |
| Valid Redirect URIs (ACS) | https://vanta.com/sso/<TENANT_ID>/saml/acs |
| IDP-Initiated SSO URL Name | Vanta |
SAML Capabilities
| Setting | Value |
|---|---|
| Force Name ID Format | ON |
| Force POST Binding | ON |
| Include AuthnStatement | ON |
Signature & Encryption
| Setting | Value |
|---|---|
| Sign Documents | OFF |
| Sign Assertions | ON |
Step 3 — Testing (optional)
- In Vanta, create a test user.
- In Multi-Pass, create a test user with the same email.
- Attempt sign-in to Vanta via SSO and verify success.
Related Articles
SAML SSO Integration Guide
This guide provides an overview of how to configure SAML Single Sign-On (SSO) between Multi-Pass and a third-party Service Provider (SP). Multi-Pass acts as the Identity Provider (IdP) in this federation model. Multi-Pass is working on SCIM support ...Notion - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...Dynatrace - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Dynatrace using MPAS. SSO simplifies user authentication by allowing access to multiple ...Addigy - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Addigy using MPAS. SSO simplifies user authentication by allowing access to multiple ...ZoomInfo - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...