...
The following items walk you through the necessary steps to achieve the SSO configuration:
Open a request to our SeaLights Support to provide you with:
The Assertion Consumer Service (ASC) URL
The Audience URI
The Sealights certificate
Set up a SAML 2.0 application on your IdP
Using the information provided by Sealights from the step above
Configure the SAML response to send five attributes for each user (step 4 in the diagram above):
E-mail address, First Name, Last Name
...
Attribute to be used to map one of the values
user,user-admin,user-devops
This can be any value from your IdP, including multiple values as long as there is a clear mapping from them to one of roles.
The mapping will be performed on Sealights sideGroups: List of groups the user belongs to for assigning apps that user has access to in Sealights
Once this is set up, provide Sealights with one of the options below:
The
metadata.xml(preferred)The Issuer URI, the SSO URL, the certificate
We will then test that everything is working properly using a dedicated test user and update the configuration/mapping according to the results of the tests
| Tip |
|---|
At this point, we will be ready to assign all your users to work through a Single Sign-On connection. |
...