Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

SeaLights support SAML 2 SSO integration . Configuring the SSO needs to be done on both IDP and SeaLights side, the and the configuration of the Single Sign-On connection requires steps on both the Customer’s IdP (Identity Provider) and SeaLights sides.

Note

In order to set up the SSO integration, please make sure the people with relevant permissions are involved from your IT department.

The following items walk you through the necessary steps to achieve the SSO integration:configuration:

  1. Open a request to our SeaLights Support to provide you with:

    1. The Assertion Consumer Service (ASC) URL

    2. The Audience URI

    3. The Sealights certificate

  2. Set up a SAML 2.0 application on your

...

  1. IdP

    1. Using the information provided by Sealights from the step above

    2. Configure the SAML response to send five attributes for each user (step 4 in the diagram above):

      1. E-mail

...

      1. address, First Name

...

      1. , Last Name

...

      1. Attribute to be used to map one of the values user, user-admin, user

...

      1. -devops
        This can be any value from your IdP, including multiple values as long as there is a clear mapping from them to one of roles.
        The mapping will be performed on Sealights side

      2. Groups: List of groups the user belongs to for assigning apps that user has access to in Sealights

  1. Once this is set

...

  1. up, provide

...

  1. Sealights with one of the options below:

    1. The metadata.xml

...

    1. (preferred)

    2. The Issuer URI

...

    1. , the SSO URL

...

    1. , the certificate

  1. We will then test that everything is working properly using a dedicated test user and

...

  1. update the configuration/mapping according to the results of the tests

Tip

At this point, we will be ready to assign all your users to work through

...

a Single Sign-On connection.