SSO

Single Sign-On (SSO) allows you to enable logging into Observo using your existing Identity Provider (IdP) like Google Workspace or Okta.

Adding Connection

  • To add a new sso connection, either visit the SSO Page or navigate through the side panel by selecting Settings > Access Management > Single Sign-On and then click on Configure SSO button.

  • After clicking on the Configure SSO button, it will present a modal to configure the connection.

Setup

You can find setup explanations for all our supported Identity Providers on the following sub-pages:

SSO Configuration

Select your existing Identity Provider (IdP).

Google/Azure/Okta IdP Configuration

  • Name required string Unique connection name.

  • Description string Description for the connection.

  • Google Workspace Domain/ Microsoft Azure AD Domain/ Okta Workforce Domain required string Specify the domain name of your IdP workspace.

  • Client ID required string Utilize the Client ID of the IdP application here.

  • Client Secret required string Utilize the Client Secret of the IdP application here.

  • Domain Aliases [string] The user's email domain will be compared with the identity provider domains. If there is a match, users will be redirected to the identity provider.

SAML IdP Configuration

  • Name required string Unique connection name.

  • Description string Description for the connection.

  • Sign In URL required string The SAML 2.0 Endpoint (HTTP) value.

  • Sign Out URL required string The SLO Endpoint (HTTP) value.

  • Domain Aliases [string] The user's email domain will be compared with the identity provider domains. If there is a match, users will be redirected to the identity provider.

Once connection is configured click "Save" to save the sso connection in the system.

Role Mapping

  • After the SSO connection is established, users have the option to add role mapping for the newly created SSO connection.

  • For a detailed explanation on how to add the mapping, please refer to this link.

  • Adding role mapping at this stage is optional; you can choose to skip it and add it later if desired.

Connections List

  • All the connections in the system are visible in the sso page in tabular view.

Connections List Actions

One can perform certain actions on a user which can be accessed by clicking the three dots menu icon at the end of each users list row.

Action
Description

Edit SSO

Allows to edit the sso connection. It will open the same SSO modal that was available while creating a new connection with form values pre filled.

Delete SSO

Delete the sso connection from the system.

Edit Role Mapping

Checkout the detailed explanation here on how to edit the role mapping.

Delete Role Mapping

Delete the role mapping for the sso connection.

PreviousRole MappingNextGoogle Workspace

Last updated

Was this helpful?