# Cyera

To setup Cyera, we just need two pieces of information, Single Sign-On URL and Audience URI (SP Entity ID). (See Vendor Setup Information for more information)

The only required parameter is the users email address, so we will assign the default SamlID field as that parameter.

Cyera will require access to your company's domain DNS to verify domain.

1. In the Cyera console, Navigate to: **Settings** > **SSO**.
2. Click on **Setup SSO connection**.
3. Select **Select Custom SAML**.

Copy and paste the URLs from your Cyera console to the Key9 **Setup Items**

1. **Single Sign-On URL**
2. **Audience URI (SP Entity ID)**

Click **Create Application** in Key9. After you have created your Key9 application, click the **SSO** tab in the side navigation, we will need some of these values.

**Back in the Cyera console**

Click on the **Configure Manually** link at the bottom.

Enter the following values from Key9 into these Cyera fields:

1. Copy the Key9 **SSO** url to the **SSO Endpoint** field.
2. Copy the Key9 **X.509 Certificate** to the **Public Certificate** field.

(To view and copy the x509 certificate in Key9, select **View Certificate Details** from the **Certificate Options** dropdown menu, then click the copy icon.)

1. Click **Next**
2. Click **Continue to claim domain**
3. Enter your **Domain Name** (example.com) then click the **Proceed** button.
4. You will need to copy the info into a new TXT record in your DNS file:
   1. Record Name
   2. Record Value
5. After you have the DNS updated, click the **Validate** button.
6. Select **Default SSO roles**, then click the **Done** button.
7. When ready, toggle the **Status** for the domain to Active.

\-------------------

By default, applications are not active upon creation. Active applications are immediately available to assign groups. Applications should only be activated when you have configured the Service Provider (SP).