| description |
|---|
Configure SAML Single Sign-On on Spike.sh |
This guide explains the settings you’d need to use to configure SAML with your Identity Provider. Once this is set up you should get an XML metadata file which you can provide to Spike.sh and start using SSO.
Guides for setting up SAML with other IdPs
- How to setup SAML on Microsoft Azure AD
- How to setup SAML on Google Workspace
- How to setup SAML on Onelogin
- How to setup SAML on Centrify
Follow the configurations given below while configuring your SAML with your IdP. You can configure SAML SSO for Incident Management and Status Page products individually.
{% hint style="info" %} The below values will be the same for Okta, Microsoft Azure AD, Google, and other IdPs. {% endhint %}
- Assertion consumer service URL / Single Sign-On URL / Destination URL:
https://app.spike.sh/sso/oauth/saml - Entity ID / Identifier / Audience URI / Audience Restriction:
https://app.spike.sh - Response:
Signed - Assertion Signature:
Signed - Signature Algorithm:
RSA-SHA256 - Assertion Encryption:
Unencrypted
- Assertion consumer service URL / Single Sign-On URL / Destination URL:
https://statuspage.spike.sh/sso/status-page/oauth/saml - Entity ID / Identifier / Audience URI / Audience Restriction:
https://statuspage.spike.sh - Response:
Signed - Assertion Signature:
Signed - Signature Algorithm:
RSA-SHA256 - Assertion Encryption:
Unencrypted
For example, in the case of Okta users, this is how the configuration looks
%20(2).png)
Add user mappings as shown below. Note that email , firstName and lastName are mandatory.
.png)
Once the SAML is configured, head over to Spike.sh and open organisation settings.
Paste the IdP XML Metadata and save.
Once configured, you can find the organisation slug from organisation settings.
.png)
Use that slug at the time of login.