Accessing Web Applications Using SAML

Document created by user.oxriBaJeN4 Employee on Aug 2, 2019Last modified by user.oxriBaJeN4 Employee on Aug 12, 2019
Version 7Show Document
  • View in full screen mode

When logging into a Mimecast web application (e.g. My Apps, Administration Console, Mimecast Personal Portal) using SAML authentication, one of the following authentication profiles is enforced depending on whether your logon has an administrator role:


Administrator RoleAuthentication ProfileComments
YesSAML Configuration for AdministratorsThis ensures your administrator logon is secure.
NoSAML Configuration for Mimecast Web Apps
Single Sign On needs no additional configuration.



The following are not affected:

  • The SAML Configuration for End User Applications authentication profile (e.g. Mimecast for Outlook).
  • Single log in behavior (e.g. logging in once to be authenticated across all Mimecast applications).
  • IDP initiated log on.




If you haven't configured SAML correctly in the IdP, you may experience the following behavior depending on whether your logon has an administrator role:

  • If your logon has an administrator role, you're taken to the Administration Console regardless of the app being accessed.
  • If your logon doesn't have an administrator role and has access to more than one Mimecast application, you're taken to Mimecast Personal Portal.


If you experience this behavior, correct your SAML configuration. See the Global SAML URLs and Audience Values  page for further details.