Setup Single Sign-On (SSO)

How to set up the Sing Sign-On(SSO) in DecisionRules On-Premise

You can use SSO login in DecisionRules. This functionality is set using the SAML_ENTRY_POINT and SAML_ISSUER env. variables found in the docker-compose configuration file or added to the container before it is started using the command line.

From version 1.7.0 needs to be set up SAML_CALLBACK_URL.

Variable
Mandatory
Description

SAML_ENTRY_POINT

Yes

identity provider entry point

SAML_ISSUER

Yes

issuer string to supply to IdP

SAML_CERT

Yes

certificate as a string

SAML_CALLBACK_URL

From version 1.7.0

Reply URL / Single sign-on URL

SAML_ENTRY_POINT

Is typically a link provided by your IdP for the login page that you gonna use when logging in with SSO.

Example:https://devX.okta.com/app/name/HASH/sso/saml

SAML_ISSUER

Could be linked with hash or just name to identify your SSO.

Example:okta.com/HASH_STRING

SAML_CERT

Public certificate of the provider. In a BASE 64 format as a single line without BEGIN CERTIFICATE and END CERTIFICATE.

Example:MIIC8DCCAdigAwIBAgIQap4GhMRA26tJGFD3fdTuNjANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQDEylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBD.......

SAML_CALLBACK_URL

It is the URL that which provider call with the callback. Need to be set up on the provider.

Example:https://api.decisionrules.io/saml/callback

Last updated

#843: Audit API chages

Change request updated