...
Email Domains: Enterprise domains (e.g. http://acme.com ) that will access Blue Hexagon via SSO
Sign-in URL: Your SSO IdP sign-in URL to which Blue Hexagon will redirect
Sign-out URL: Your SSO IdP sign-out URL
X.509 Signing Certificate: SSO IdP public key in .pem or .cer format
User ID Attribute: (Optional) Attribute in the SAML token that will be mapped to the
user_idproperty in Blue HexagonProtocol Binding: HTTP-POST (recommended) or HTTP-Redirect
Single Sign-On (SSO) Flow
Blue Hexagon recommends Service Provider initiated SSO flows, i.e. have your users access the Blue Hexagon portal first with redirection to your Identity Provider. If you must use Identity Provider initiated SSO flows, talk to your Blue Hexagon Account Team.
When you access the Blue Hexagon portal, you will be redirected to the login page.
...
Enter your SSO email address in the highlighted box. Blue Hexagon automatically performs Home Realm Discovery and will indicate that Single Sign-On (SSO) is enabled for your domain.
...
On clicking Log In, you will be taken through your SSO Identity Provider’s authentication flow as appropriate, and will be redirected to the Blue Hexagon Portal upon successful authentication!