Setting up single sign-on using SAML 2.0
Cirrus supports single sign-on (SSO) login through SAML 2.0.
- SAML 2.0 capable identity provider.
Step 1. Setup service provider
Setting up SAML 2.0 can be via Admin > SAML Integration (listed under Web Services):
- Check the option 'Enable SAML2 Authentication' - all further options will be unlocked for editing.
- SAML SP metadata URL will produce xml document if integration settings are correct.
- SAML Identity Provider name - enter the name that will be used on the login screen of your environment:
- Enter the Login attribute name - this attribute from your side will be used for identifying users on the Cirrus side.
- Login Attribute type - currently users can be identified using their external id or username. Both of these fields are unique in Cirrus. Select the appropriate value for your setup.
- Metadata upload - Choose a way to import your identity provider metadata. Metadata can be imported using metadata url or a metadata xml file.
Step 2. Setup your identity provider
There are a lot of different identity provider solutions available on the market. The integration settings can be different for each solution. Common steps are:
- Import service provider metadata provided by Cirrus.
- Add attribute to be sent with the same name as you defined in the previous step - the attribute name is case-sensitive.