When a customer is moving to a new Identity Provider (IdP), there are two possible scenarios depending on whether user email addresses are changing.
It’s important to follow the correct process to ensure users can continue to log in successfully after the transition.
Scenario 1: Email Addresses Are Changing
If user email addresses will be updated as part of the IdP change, the following steps must be completed by Workvivo before enabling the new IdP:
What needs to be done:
- Clear external IDs for affected users
This removes the existing IdP association from user accounts - Update user email addresses in Workvivo
Email addresses must match the identifiers that will be provided by the new IdP - Validate updates before the new IdP configuration is applied
- Configure and enable the new Identity Provider
Apply the new IdP configuration in Workvivo - Validate login access
Confirm users can successfully log in using the new IdP
Scenario 2: No Email Address Changes
If user email addresses will remain the same, the process is simpler:
What needs to be done:
- Clear external IDs for affected users
This removes the existing IdP association from user accounts - Configure and enable the new Identity Provider
Apply the new IdP configuration in Workvivo - Validate login access
Confirm users can successfully log in using the new IdP
Important Notes
- External IDs must be cleared before enabling the new Identity Provider
- If email addresses are changing, they must exactly match what is sent by the new IdP
- Skipping these steps may result in users being unable to log in after the IdP switch
Best Practice
It is strongly recommended that this process is completed on a live call with Workvivo Support. This allows login to be tested immediately and reduces the risk of access issues during the transition.
Need Help?
Please contact Workvivo Support to coordinate this process and schedule the IdP transition.