What must be true about the email address when enabling Single Sign-On?

When enabling Single Sign-On (SSO), it is crucial that the email address matches the information in the Identity Provider. This is because SSO relies on trusted communication between the application and the Identity Provider to authenticate user identities. If the email address does not match the information stored in the Identity Provider, the authentication process will fail, preventing users from accessing the system.

Using an email address that aligns with the Identity Provider ensures consistent user identity verification and streamlines access to various systems without requiring multiple logins. This matching is foundational to the successful implementation of SSO, as it directly impacts the integrity and security of the authentication process.