Examples: Configure IdP applications for Control Room

Depending on the Identity Provider (IdP) you are using, you need to configure appropriate attributes that are required in the SAML assertions to be sent from your IdP to the Control Room.

We have provided few examples on how to configure attributes that are required for switching the Control Room to SAML-authentication environment. Use these examples as reference when configuring your IdP. For more information, see your IdP documentation.
Note: Set the ACS or service provider URL to <Enterprise Control Room URL>/v1/authentication/saml/assertion when setting up your IdP.

JumpCloud

To set up your JumpCloud SSO using SAML, perform the following steps:

  1. Configure your JumpCloud SSO using SAML. See SSO using Custom SAML Application Connectors.
  2. Add the following attributes that are required for the Control Room to auto provision users.
    Service Provider Attribute Name (Automation 360) JumpCloud Attribute Name
    UserID username
    FirstName firstname
    LastName lastname
    EmailAddress email
  3. In User Groups, ensure to select the groups whose users need to access the Control Room.

Okta

To set up your Okta SSO using SAML, perform the following steps:

  1. Configure your Okta SSO using SAML. See Create your integration in Okta.
  2. Add the following attributes that are required for the Control Room to auto provision users.
    Name Value
    FirstName user.firstName
    LastName user.lastName
    EmailAddress user.email
    UserID user.login
  3. After the application is created, navigate to the Assignments tab and assign the application to either people or groups.

Microsoft Azure

To set up your Microsoft Azure SSO using SAML, perform the following steps:

  1. Configure your Microsoft Azure SSO using SAML. See Create an app registration in Azure.
  2. Add the following attributes that are required for the Control Room to auto provision users.
    Claim name Value
    EmailAddress user.email
    FirstName user.givenname
    LastName user.surname
    UserID user.userprincipalname
  3. Ensure that you assign this application to the users who need to access the Control Room. See Manage users and groups assignment to an application.