In most cases, users will authenticate into Non-Employee Risk Management by authenticating into Identity Security Cloud using an identity provider and navigating to Non-Employee Risk Management.
In the documentation it’s mentioned that the ACS URL uses the following format:
“Most often, this will be a URL similar to https://[tenant].portal.nonemployee.com, where [tenant] is the name of your Non-Employee tenant.”
This would generate a URL looking like this https://[tenant].portal.nonemployee.com/saml/consume
This is also what’s generated in the NERM tenant itself.
In my experience, the ACS format should be the following:
https://[tenant].portal.nonemployee.com/saml/consume?portal_url=[portal], where [tenant] is the name of your Non-Employee tenant and [portal] the name of your portal.
Without the “?portal_url=[portal]”, SSO is simply not working.
Can you update this in the documentation.
Hi @claeswo! Thank you for your input. We’ve created a ticket to investigate this issue, and we’ll update this thread when that investigation is complete: SAASDOCS-10423.
Hi @claeswo! We’ve updated this doc based on your suggestion. Thank you for helping to improve the docs!