SAML Single Sign On (SSO)

Metric Insights provides Single Sign On (SSO) where users can sign on via your central location (Identity Provider - IdP) instead of within Metric Insights.

Security Assertion Markup Language (SAML) is the standard that Metric Insights supports to achieve SSO.

Some common SAML implementations are by OKTA, Microsoft (ADFS), Oracle.

This article describes how to configure Metric Insights to work with your SAML implementation.

Video Tutorial

Generate Metadata XML from Metric Insights

At web browser, bring up /simplesaml in Metric Insights.  e.g., https://metricinsights.mycompany.com/simplesaml

Generate Metadata XML from Metric Insights

  1. Choose Federation tab
  2. Click on Show metadata link

Generate Metadata XML from Metric Insights

1. Copy the Metadata XML and provide that to your SAML Identity Provider (IdP) to generate a Metadata key for Metric Insights to use

2. You will most likely receive a SAML XML in return. Use that file to extract the key components used in configuration. See next steps below.

Create saml.php file

1. Download/copy the .xml file provided by IdP

2. Parse the .xml file by running the following command:

  • Version 4.0 and prior:
/var/www/iv/data/bin/mi-saml-config.php --input-file <path to saml.xml> --saml-type adfsv3
  • Version 4.1 and later:
/opt/mi/iv/data/bin/mi-saml-config.php --input-file <path to saml.xml> --saml-type adfsv3

3. All the required metadata is going to be given in the response. Copy it and paste into the saml.php file

Test SAML config

You can test the SAML integration using the screens in Metric Insights at /simplesaml. E.g., https://metricinsights.mycompany.com/simplesaml

First change the password in the saml.php file (/var/www/iv/engine/config/saml.php):

define('SAML_ADMIN_PASSWORD','mypassword'); //auth.adminpassword

Then login to the screen using the password

And choose the auth source in the UI. E.g., default-sp

define('SAML_AUTH_SOURCE','default-sp');

If setup correctly, then you will be redirected to your IdP to sign in.

Upon successful sign in you will be redirected back to Metric Insights and the screen will show you the values of SAML FIELDS, so you can check your mapping in saml.php

Enable SAML in Metric Insights

Access Admin > Utilities > Config Variables, set the SAML_ENABLED field to 'Y' and save (Generate const.php)

0 Comments

Add your comment

E-Mail me when someone replies to this comment