Integrating SAML (Security Assertion Markup Language) with CloudDefense.ai allows you to enable single sign-on (SSO) for your developers, providing them with secure and easy access to the CloudDefense.ai platform via your identity provider (IdP). The information required to establish trust between CloudDefense.ai and your IdP depends on the type of SSO you are using.
SAML for SSO
To establish trust between CloudDefense.ai and your identity provider using SAML:
Add an ACS URL (Assertion Consumer Service) / Single Sign-On (SSO) URL:
The ACS is the endpoint on the CloudDefense.ai network that listens for requests from your IdP to enable communication between your network and CloudDefense.ai.
This URL is sometimes called a Reply URL.
Provide CloudDefense.ai Details in Your Identity Provider Platform:
ACS URL: https://console.clouddefenseai.com/auth/realms/cdefense/broker/{organization-name}-saml/endpoint
Entity ID: https://console.clouddefenseai.com/auth/realms/cdefense
Metadata URL: https://console.clouddefenseai.com/auth/realms/cdefense/broker/{organization-name}-saml/endpoint/descriptor
Check the Entity ID:
The Entity ID is the URL that uniquely identifies CloudDefense as a SAML entity or service provider.
Verify the Entity ID manually, as no default value is set.
Extract Information to Provide
Obtain the metadata URL from your identity provider and provide this information to CloudDefense to establish trust on the service-provider side. The metadata includes the following details:
Sign-In URL: The URL for your identity provider sign-in page.
Public Key: The identity provider public key encoded in Base64 format.
Logout URL (Optional): The URL to which users are redirected when they log out of CloudDefense.
Protocol Binding:
HTTP-POST is recommended.
HTTP-Redirect is also supported.
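One way to pull these values out of a downloaded IdP metadata document and check them before pasting them into the integration form (an added example, not CloudDefense.ai code). It assumes standard SAML 2.0 metadata in which the public key is carried as a ds:X509Certificate element; the function names, the HTTPS check, the fingerprint output, and the idp.example.com sample are constructed for illustration.

```python
import base64, hashlib
import xml.etree.ElementTree as ET
NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
BINDINGS = ("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",      # recommended
            "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect")  # also supported

def _endpoint(idp, tag):
    """Return (binding, url) for md:<tag>, preferring HTTP-POST."""
    found = {e.get("Binding"): e.get("Location") for e in idp.findall(f"md:{tag}", NS)}
    return next(((b, found[b]) for b in BINDINGS if found.get(b)), (None, None))

def extract_idp_settings(metadata_xml):
    """Pull Sign-In URL, signing key and optional Logout URL from IdP metadata."""
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("metadata must not contain DTD or entity declarations")
    idp = ET.fromstring(metadata_xml).find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor found")
    binding, sign_in = _endpoint(idp, "SingleSignOnService")
    if not (sign_in or "").startswith("https://"):
        raise ValueError("no HTTPS sign-in URL with a supported binding")
    cert_b64 = None
    for kd in idp.findall("md:KeyDescriptor", NS):  # use="signing" or unset
        node = kd.find(".//ds:X509Certificate", NS)
        if kd.get("use") in (None, "signing") and node is not None and node.text:
            cert_b64 = "".join(node.text.split())  # drop line breaks and padding spaces
            break
    if cert_b64 is None:
        raise ValueError("no signing certificate found")
    der = base64.b64decode(cert_b64, validate=True)  # rejects non-Base64 input
    return {"sign_in_url": sign_in, "binding": binding.rsplit(":", 1)[-1],
            "public_key_b64": cert_b64, "sha256_fingerprint": hashlib.sha256(der).hexdigest(),
            "logout_url": _endpoint(idp, "SingleLogoutService")[1]}

# Constructed sample: placeholder bytes, not a real certificate or IdP.
SAMPLE_DER = b"constructed placeholder, not a real certificate"
SAMPLE = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://idp.example.com/saml">
 <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
   <ds:X509Certificate>{base64.b64encode(SAMPLE_DER).decode()}</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  <md:SingleSignOnService Binding="{BINDINGS[1]}" Location="https://idp.example.com/sso/redirect"/>
  <md:SingleSignOnService Binding="{BINDINGS[0]}" Location="https://idp.example.com/sso/post"/>
 </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

if __name__ == "__main__":
    print(extract_idp_settings(SAMPLE))
```

Compare the printed SHA-256 fingerprint with the one shown for the signing certificate in your IdP's admin console before saving the integration.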
Configure Integration
Navigate to the Integrations tab and under the SSO section, choose Okta.
Paste the Sign-In URL, Public Key, and other necessary information obtained from your IdP. Click the green Integrate button to complete the integration.
Confirm that the single sign-on process is working correctly by logging in using your identity provider.