Single Sign On (SAML)
Note: Starting from May 14, 2023, Aporia's SSO login url will be updated to
https://platform.aporia.com?kc_idp_hint=
<ACCOUNT_NAME>
You can easily give access to Aporia to your team using your favorite SAML Idp.
The integration status can be found on the "Integrations" page, accessible through the sidebar:
Setting up the SAML integration
STEP 1: Contact your Aporia account representative to get your {BASE URL}
and {ALIAS}
info.
STEP 2: Login to your IdP and create a SAML app with the following configuration:
Single Sign On URL / Application ACS URL - should be in the following format
{BASE_URL}/keycloak/realms/aporia/broker/{ALIAS}/endpoint
Audience URI (SP Entity ID) - should be in the following format
{BASE_URL}/keycloak/realms/aporia
Name ID format - EmailAddress
Application username - Email
Mapping (required for AWS) - User attribute in the application: Subject Maps to this string value or user attribute in IAM Identity Center: ${user:email} Format: emailAddress
STEP 3: Supply the IdP app metadata (file / url) to your Aporia account representative.
Yay! 🎉 You can now go and test your connection using the Idp-initiated login link.
Last updated