Skip to main content

Single Sign-On

Overview

The Single Sign-On (SSO) feature in Motadata AIOps allows users to log in using external identity providers like OneLogin, Okta, Azure AD, or 1Kosmos. This guide explains how to configure SSO for your Motadata AIOps environment using the supported protocols and identity providers.

Go to Menu. Select Settings . After that, Go to User Settings . Select Single Sign-On.

Single Sign-On Screen

Choose the Preferred Protocol

  • SAML 2.0 is the default protocol for SSO configuration in Motadata AIOps. Select this option if you are using SAML-based authentication.

Service Provider Details

The service provider (SP) represents Motadata AIOps in the SSO process, and the following details must be configured in your identity provider's platform:

FieldDescription
Service Provider Entity IDThis is the URL that uniquely identifies Motadata AIOps. For example, this value is mapped to the EntityID in OneLogin. It is set by default but can be edited. The default value is motadata-sp.
Redirect URLThis URL redirects users to the AIOps login page when accessing the domain. It is non-editable. For example, this value is mapped to ACS (Consumer) URL in OneLogin.
Service Provider Login URLThe URL that Motadata AIOps uses for authentication. This is a non-editable field. For example, this value is mapped to the Login URL in OneLogin.
Service Provider Logout URLThis URL handles sign-out requests from Motadata AIOps. It is non-editable. For example, this value is mapped to Single Logout URL in OneLogin.

Identity Provider Details

Motadata AIOps supports integration with the following identity providers (IdP):
OneLogin, Okta, Azure AD, 1Kosmos

When configuring the identity provider, select either Upload Metadata File or Configure Manually to proceed.

If Uploading Metadata File

FieldDescription
Identity Provider Metadata FileUpload the metadata file provided by your identity provider to automatically populate the IdP details. This option is only available when you select Upload Metadata File in the previous field.

If Configuring Manually

When you choose to configure manually, fill in the following fields with the details provided by your identity provider:

FieldDescription
Identity Provider Entity IDThis field is used by Motadata AIOps to verify SAML responses from the identity provider. For example, This field can be mapped with the 'Issuer URL' provided by OneLogin.
Identity Provider Login URLIt directs users to the IdP login page for authentication. For example, this field can be mapped to the SAML 2.0 Endpoint (HTTP) provided by OneLogin.
Identity Provider Logout URLThis URL handles logout requests initiated from the service provider. For Example, this field can be mapped to the 'Single Logout (SLO) Endpoint (HTTP)' provided by OneLogin.
NameID FormatThis field defines how the subject (user) is identified between the service provider and identity provider. Ensure that both SP and IdP use the same NameID format. Supported formats in Motadata AIOps include: Email, Persistent, Transient, and Unspecified.
IdP X.509 CertificateYou can either manually configure the certificate details or upload the IdP certificate file. The certificate is used to validate the IdP’s digital signature.
Identity Provider FingerprintIf configuring manually, find the fingerprint value in the metadata file within the <ds:X509Certificate> tags. You can also upload the certificate directly if available from the IdP.

Saving and Testing the Connection

After completing the required fields, click Save to initiate the connection process. A side pop-up will indicate that the process has started.

  • If the connection is successful, you will see the message:
    "An integration with identity provider: <IdP> for Single Sign-On is completed successfully."
  • If the connection fails, the message will display:
    "An integration with identity provider: <IdP> for Single Sign-On failed!"

Once the connection is successful, the SSO configuration will be active, and users can authenticate through the selected IdP. You will also see the import icon under the Users section in User Settings, indicating the integration.

This structured guide provides a clear step-by-step approach for configuring SSO in Motadata AIOps, ensuring users understand both automatic and manual configuration methods for their identity providers.

Importing Users from Identity Providers

Once the SSO integration is successfully established, you can proceed to import users from your chosen identity provider.

To import users, follow the steps below:

  1. Click on the Import Icon

    After configuring the SSO settings, navigate to User Settings. Click on the Import icon. This will initiate the user import process.

  2. Choose the Identity Provider

    A pop-up will appear, providing options to select the identity provider from which you wish to import users. The supported identity providers include:

    • Okta
    • OneLogin
    • Azure AD
    • 1Kosmos

Depending on the identity provider selected, specific configurations and user details will be pulled into Motadata AIOps.

Once authenticated, all the users from the configured identity provider which have permission to access Motadata AIOps will be imported into Motadata AIOps.

By following these steps, you can seamlessly integrate your users from external identity providers into Motadata AIOps, ensuring a unified authentication process across your organization.