SSO via SAML

Owned by Arun Raman
Last updated: May 12, 2021
1 min read

Setup Instructions

Blue Hexagon Support will provide you with the following information to set up the SAML connection with your SSO Identity Provider (IdP):

  • Entity ID: Uniform Resource Name (URN) that uniquely identifies Blue Hexagon as a Service Provider (SP)

  • Assertion Consumer Service (ACS) URL or Reply URL: URL at the Service Provider (Blue Hexagon) that accepts SAML artifacts from the IdP

  • Signing Certificate: Blue Hexagon certificate containing the encryption key necessary for authentication

SAML User Attributes Mapping

Ensure that at least the following user attributes are configured in your IdP:

  • emailaddress : User’s email address

  • givenname : User’s given name or first name

  • surname : User’s surname or last name

  • name : Principal name of user in the IdP

If the user attributes are configured differently in your IdP, please inform Blue Hexagon Support of the user attribute mapping.

SSO SAML Information to Send to Blue Hexagon

Once you have configured your SSO Identity Provider (IdP), please provide the following information to Blue Hexagon Support:

  • Email Domains: Enterprise domains (e.g. acme.com) that will access Blue Hexagon via SSO

  • Sign-in URL: Your SSO IdP sign-in URL to which Blue Hexagon will redirect

  • Sign-out URL: Your SSO IdP sign-out URL

  • X.509 Signing Certificate: SSO IdP public key in .pem or .cer format

  • User ID Attribute: (Optional) Attribute in the SAML token that will be mapped to the user_id property in Blue Hexagon

  • Protocol Binding: HTTP-POST (recommended) or HTTP-Redirect

Blue Hexagon Proprietary