Single Sign On (SAML)

Note: Starting from May 14, 2023, Aporia's SSO login url will be updated to https://platform.aporia.com?kc_idp_hint=<ACCOUNT_NAME>

You can easily give access to Aporia to your team using your favorite SAML Idp.

The integration status can be found on the "Integrations" page, accessible through the sidebar:

STEP 1: Contact your Aporia account representative to get your {BASE URL} and {ALIAS} info.

STEP 2: Login to your IdP and create a SAML app with the following configuration:

Single Sign On URL / Application ACS URL - should be in the following format {BASE_URL}/keycloak/realms/aporia/broker/{ALIAS}/endpoint
Audience URI (SP Entity ID) - should be in the following format {BASE_URL}/keycloak/realms/aporia
Name ID format - EmailAddress
Application username - Email
Mapping (required for AWS) - User attribute in the application: Subject Maps to this string value or user attribute in IAM Identity Center: ${user:email} Format: emailAddress

STEP 3: Supply the IdP app metadata (file / url) to your Aporia account representative.

Yay! 🎉 You can now go and test your connection using the Idp-initiated login link.

Last updated 1 year ago