Appearance
SAML / Single Sign-On (SSO)
Learn about Security Assertion Markup Language (SAML) and Single Sign-On (SSO) and how to configure Spektion to leverage your Identity Prodivider (IdP).
Single Sign-On allows users to authenticate once and gain access to multiple applications without the need to log in again. By enabling SSO, organizations can centralize their authentication and identity management process, simplify access management, and improve security by reducing password-related risks.
Preface
During tenant creation, Spektion will provide the initial administrator with credentials to access the dashboard. Local accounts may be created, but it is strongly encouraged to enable SSO for all users. Once SSO in enabled, local authentication will be disabled for all users. Because of this we recommend coordinating with your team during off-peak hours.
Getting Started
Within the dashboard, head to the Adminstration pages by visiting the gear (
) icon in the upper-right corner. Select Manage Identity Providers, and then Add Identity Provider. SAML 2.0 (Recommended) is pre-selected and the SAML configuration is displayed below.
Default Membership
Every team member who accesses Spektion via SSO will be given organizational access with the User role. This means they can access all telemetry within the console, but they won't be able to modify any settings.
SAML2 Identity Providers
Spektion provides SAML2 based authentication which can be configured manually, or using defaults provided by an identity provider:
Spektion supports several SAML services:
- Identity and Service Provider initiated SSO
- Identity provider initiated Single Logout
Spektion's Assertion Consumer Service uses HTTP-POST bindings.