Don’t you hate remembering all of your passwords? With OpsLevel’s Single Sign-On integration all of your microservice data is seconds away without the need for another long and secure password.
With single sign-on, you get:
- Automatic user provisioning: OpsLevel will create a user for you as long as the employee has access to the OpsLevel application in your identity provider.
- Revoke user access: Removing a user’s access from OpsLevel is as simple as revoking their access in your identity provider.
The following metadata URL can be used to help automate the configuration of SAML within your identity provider. Note: You will need your
provider_key, located in your Account Settings under Authentication Method
- Destination: Sometimes labeled as
Single Sign-On URL. This will be the URL OpsLevel will receive the SAML response to. This value is located in your Account Settings under Authentication Method:
- Audience: Sometimes labeled as
SAML Audience. This field should be configured to:
- Email: The user’s email address. This is expected as an attribute with a
Ensure that you use SHA1 token encryption
Note: OpsLevel supports SHA1 token encryption for SAML tokens. Configure your SAML provider to use SHA1 token encryption during your SSO/SAML setup.
In order to have users auto-provisioned when they first sign in, we require the following optional attributes:
first_name: The given name of the user.
last_name: The family name of the user.
admin user on your OpsLevel account may configure the SAML single sign-on settings by:
- Navigating to the Authentication Method section of the Account Settings page.
Editat the bottom of the card.
- Clicking on the option labeled
- Specifying the corporate email domain used by your company under:
- Pasting in the X.509 Certificate from the SAML configuration in your identity provider.
- Pasting in the Single Sign-on URL from the SAML configuration in your identity provider.
- (Optional) De-selecting
Allow authentication via email / passwordonce your configuration has been verified as operational.
- Navigate to the OpsLevel Sign In Page.
Log in with SSO
- Enter the email address associated with your company.
Log in with SSO
- If prompted, sign into your identity provider to complete the authentication request.
If you are having trouble setting up your single sign-on in any way, send us an email at [email protected] and we’ll be happy to help debug and diagnose any issues.
Updated 5 months ago