What do I need to know to configure single sign-on with xMatters via SAML?
xMatters uses an IDP-initiated flow to tie in with SAML. There currently is no support for SP-initiated flows at this time.
The following information is required on the Admin tab to set up SAML in xMatters:
- Identity Provider ID
- Audience - generally this is your xMatters URL: https://company.xmatters.com
- Single Sign On URL - this is the sign on URL that is supposed to present the login page to your IDP. Note that with solutions like Azure this may represent the MyApps url to the configured application on the IDP side.
- Single Logout URL - completely optional and can be blank. Represents the page to present when a user logs out.
- Identifier Type - Can be one of User ID or Web Login ID. Represents the parameter we compare to on the xMatters side when receiving the user context.
- Identifier Location - Can be one of Subject NameID Element or Attribute Name Element. Note that if you choose an Attribute Name you also have to provide the actual name of the attribute that contains the user context in the configuration.
After SAML is configured, only users authorizing with single sign-on are granted system access unless they also have permission to log in natively. For more information about enabling native login, see Enable native login.
For more information, see Configure SAML in xMatters in the online help.
Single Sign-on, Azure, Ping Federate, ADFS