Skip to main content

Configure SAML 2.0 SSO in Virtana Platform

To configure SAML SSO in Virtana Platform, you simply have to enter the identity provider (IdP) SSO metadata URL that is viewable in your IdP account. This URL accesses SAML metadata XML files that allow the IdP and service provider (SP) to share configuration information.

About This Task

The domain used in the administrator's email address is the domain that the SSO account is bound to in Virtana Platform. All users with the same domain as the administrator will be redirected to the IdP when they log in.

Prerequisites

  • You must have an Administrator role in Virtana Platform to perform this task.

    Important

    If you have configured a custom subdomain as part of white labeling rebranding of Virtana Platform, you must login using that custom subdomain before configuring SSO.

  • You must have configured a Virtana Platform application in your IdP account and made a note of the IdP metadata URL.

  • You must have an administrator role with credentials-based login to Virtana Platform.

Steps

  1. Log in to Virtana Platform, click the Settings sprocket and select Login & Permissions.

    login_and_permission.png

  2. Click Configure SSO.

  3. Select the SSO Type as SAML 2.0

  4. Enter the Identify Provider Metadata URL and click Verify and Save Metadata.

    If the URL is correct, the following Configuration Parameters are displayed from the metadata file:

    • IdP Issuer ID

      Example: http://www.<service-provider>.com/<aaa111bbb222ccc333dd>

    • IdP SSO URL

      Example: http://virtana-platform.<service-provider>.com/virtanaplf/<eeff4455gg66hh77jj88>/sso/saml

    • X.509 Certificate

      Example: ----BEGIN CERTIFICATE----

      abCD123eFgH456JkLM789npQR0123STUV4567wXyZ890ABcd098EfGh765JKlm4321...

      ----END CERTIFICATE----

  5. Click Save.

    The SSO Configuration page displays, listing the SAML SSO you just configured.

  6. Click down arrows (down arrows) to see the configuration information for SSO, including the following:

    • Tenant ID

    • Email Domain

    • SP Entity ID

    • IdP Metadata URL

    • IdP

    • IdP Issuer ID

    • IdP SSO URL

  7. [Optional] Click Edit if you need to modify any parameters.

    Important

    Do not modify the metadata URL unless the URL from your IdP changes. If you are changing identity providers, be sure to configure the appropriate settings for Virtana Platform in the new IdP.

Related Topics

Configure Azure AD as SAML-Based SSO Provider

Configure Okta as SSO Provider

In this section: