Setting up Single Sign-On (SSO) with your IdP using the Gatekeeper Generic SAML v2.0 Connector
Note: Configuring SSO with our generic SAML v2.0 connector is a two-way exchange. You will need details from your Identity Provider (IdP) to configure Gatekeeper, and once that is done, Gatekeeper will give you additional details to add to your IdP. This will likely require support from your IT/Technical team.
Please also note: This feature is available with our Enterprise and Custom Enterprise Plans only. Essentials and Pro Customers have access to Microsoft SSO and Google SSO.
What you will need:
- An active subscription to our Enterprise or Custom Enterprise Plan.
- At least one user set up in both your Gatekeeper tenant and your Identity Provider (IdP).
- Either your IdP Metadata URL or your IdP Metadata XML.
Start by going to Settings > Configuration using the left-hand navigation menu. Then select Authentication.
Here you can choose 'Allow all authentication methods', which includes SAML v2.0 authentication. Alternatively, if you wish to allow access to Gatekeeper only for users who have a SAML account, you can select 'Require SAML 2.0 Authentication'.
It is recommended that you use the 'Allow all authentication methods' option while setting up and testing SAML v2.0 SSO, to ensure teammates are not locked out of Gatekeeper during this process.
To start the configuration, select 'Configure SAML 2.0'.
Here you can enter either your IdP Metadata URL or XML. Once entered, select 'Create'.
You will now be presented with the information that was retrieved from the URL/XML and the required Metadata to complete the configuration of your SAML v2.0 SSO integration within your IdP.
Note:
- Email should be used as NameID in the SAML Token.
- Your Login Link for users can be found under 'SSO URL:'
Once these details have been entered into your IdP, you will be able to access Gatekeeper using the configured SAML v2.0 SSO integration.
Note: A user must be Active in Gatekeeper before they will be able to access Gatekeeper using SAML SSO.
Once testing is complete, you can set your Authentication method to 'Require SAML 2.0 Authentication' and select Save. From this point, only users with a SAML account will be able to log into Gatekeeper.