SAML-based single sign-on (SSO) allows your team members to access Threat Stack through an identity provider (IDP) of your choice.
A list of the identity providers that we’ve partnered with can be found in How To Configure SSO.
Configuring SAML SSO in OneLogin
- Log into Threat Stack.
- From the Home page, click the Apps tab, then the Add Apps menu option.
- Using the Search field, search for "Threat Stack".
- Select the Threat Stack version that supports SAML2.0.
- On the Configuration tab, click the Save button to add the app to your Company Apps and display additional configuration tabs.
- On the Configuration page, open the SSO tab.
- On the SSO tab, download the X.509 Certificate (Public Certificate file). To download the certificate:
- Click the View Details link. The SAML Cert page displays.
- Click the Download button.
- Navigate back to the SSO tab by clicking the <-SAML Cert link.
- Copy the two SAML values that you need to provide to Threat Stack:
- Issuer URL - the Identity Provider SAML 2.0 URL in Threat Stack
- SAML 2.0 Endpoint (HTTP) - the Identity Provider Issuer URL in Threat Stack
Next time you need to access your Threat Stack application, paste the URLs into the Authentication> tab and upload the Public Certificate.
Enter SSO Information in Threat Stack
- Navigate to the Settings page and open the Authentication tab.
- Paste the two SAML values that you copied from OneLogin:
- Identity Provider SAML 2.0 URL
- Identity Provider Issuer URL
- Upload the X.509 Certificate in the Upload your Public Certificate file section.
- Click the Continue button. A confirmation message displays.
- Review the confirmation message and click the Proceed and Enable Single Sign-Onbutton.
Before you click the Proceed button: If you or another user uses an email address, such as a personal account, that is not recognized by your company, you will lose access and no longer be able to login to Threat Stack after enabling SSO.
- Click the Log Out button.
- Log back into Threat Stack. Authenticate through your organization’s IdP.
Congratulations, you have enabled SSO for your Threat Stack organization and authenticated your account. You will receive two follow up emails and your team will receive a notification of SSO enablement for your company.
You and other members of your organization do not have to update your Threat Stack accounts until your current session ends. When the current session ends, Threat Stack directs you to authenticate using your organization’s IDP the next time you sign in.