Setup Single Sign-On (SSO)
Last updated
Last updated
You can use SSO login in DecisionRules. This functionality is set using the SAML_ENTRY_POINT and SAML_ISSUER env. variables found in the docker-compose configuration file or added to the container before it is started using the command line.
From version 1.7.0 needs to be set up SAML_CALLBACK_URL.
| Variable | Mandatory | Description |
|---|---|---|
SAML_ENTRY_POINT
Is typically a link provided by your IdP for the login page that you gonna use when logging in with SSO.
Example:https://devX.okta.com/app/name/HASH/sso/saml
SAML_ISSUER
Could be linked with hash or just name to identify your SSO.
Example:okta.com/HASH_STRING
SAML_CERT
Public certificate of the provider. In a BASE 64 format as a single line without BEGIN CERTIFICATE and END CERTIFICATE.
Example:MIIC8DCCAdigAwIBAgIQap4GhMRA26tJGFD3fdTuNjANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQDEylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBD.......
SAML_CALLBACK_URL
It is the URL that which provider call with the callback. Need to be set up on the provider.
Example:https://api.decisionrules.io/saml/callback
SAML_ENTRY_POINT
Yes
identity provider entry point
SAML_ISSUER
Yes
issuer string to supply to IdP
SAML_CERT
Yes
certificate as a string
SAML_CALLBACK_URL
From version 1.7.0
Reply URL / Single sign-on URL