Valet Manager allows users to log into VM applications through SAML Authentication. Security Assertion Markup Language (SAML) allows identity providers (Eg: Google) to pass authorization credentials to service providers (Eg: Valet Manager)
Here is an example of the steps to configure SAML for your company in Google Workspace
Step 1: Go to Google Admin and select Apps.
Step 2: From the top navigation, click on Add app dropdown and select 'custom SAML app'.
Step 3: Provide the application name and upload the app icon.
Step 4: Choose option 1 and download the IdP metadata file. This file has the SSO URL, Entity id and certificate which is required for validating and processing the SAML request.
This file must be imported in the Back office SAML Settings page
Step 5: Please provide theACS URL,entity idandname id. The ACS URL format is as follows:https://api.valet-
Please replace Company id and Saml type in the ACS URL according to your company configuraiton.
Company id:Every company has a specific companyId. Eg: Company id of Valet Manager is 'demo'
SAML Type: SAML type refers to the website in which the SAML configuration is to be applied.Eg: 'BACKOFFICE' for VM back office application, 'WHITELABEL' for Reservation website, 'HOTEL' for VM Hotel application
Entity idrefers to the domain of their white label application.
Name idis the primary email id of the user .
Users will be redirected to the ACS URL after authentication through SAML.
Step 6: Valet Manager SSO requires four attributes in the SAML response. First Name, Last name, Primary email and phone number need to be mapped with their respective app attributes as shown in the image below.
| SAML Attribute | User Mapping |
| NameId | Email Address |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress | Email Address (used for fallback if NameId isn't an email address) |
| http://schemas.xmlsoap.org/claims/emailaddress | Email Address (used for fallback if NameId isn't an email address) |
| firstName | First Name |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname | First Name |
| http://schemas.xmlsoap.org/claims/commonname | First Name |
| lastName | Last Name |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname | Last Name |
| phone | Phone Number |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/phone | Phone Number |
| group | SAML User Group in Valet Manager (gives the user access to the specified permission group) |
After configuring the IdP, please set up the SAML settings in the Back office application.
Step 1: Navigate to Settings >> SAML Settings Please select a company and the SAML Type.
Note: If you are unable to find SAML Settings in the Settings Module, please reach out to the Valet Manager Support team via the help widget.
Step 2: Please import the certificate using IDP Metadata Upload button and provide the application redirection URL in the URL field.(Eg:backoffice.valetmanager.
For Example, If the IDP is Okta, the SAML redirection URL will be: https://<instanceId>.okta.com
When the information is saved, a preview of the certificate will appear on the screen.
Note: The uploaded certificate can be downloaded using the download IDP Meta file button.
