Hosted Graphite supports Single Sign On (SSO) via SAML-enabled identity providers. This allows users to login to our service using their existing organisation credentials. A SAML integration is set up on the team’s primary Hosted Graphite account, and any subsequent user signups via SAML will be added to this account as team members.
Note: SAML Authentication can only be enabled forSmallaccounts and above.
SAML Setup
Identity providers require SAML account metadata from Hosted Graphite in order to set up a SAML integration. This is information is available from theSAML setup page, including:
Entity ID URL:https://CLUSTER.hostedgraphite.com/metadata/YOUR-USER-ID/
XML Metadata: Available by accessing theEntity ID URLabove while logged in.
NameID Format: Email address.
SAML Version: 2.0
Hosted Graphite can integrate with providers that support the SAML 2.0 specification. Example steps for connecting with some supported identity providers are listed below.
Azure Active Directory
Create a Hosted Graphite integration with Azure AD
Login to the Azure AD portal, select your directory, then go toApplicationsandAdd.
ClickAdd an application from the gallerythen search for and selectHosted Graphite.
Open the Hosted Graphite application integration page, clickConfigure single sign-onand then selectAzure AD Single Sign-On.
Go to Addons section of the new Auth0 App and selectSAML2 Web App.
Under the Usage tab,Issueris your Entity ID.
Identity Provider Login URLis your SSO Login URL.
Identity Provider Certificateis your Certificate.
Go to theSAML setup pageand enter your Entity ID, SSO Login URL and Certificate.
Select a default user role for new team members.
ClickSave.
Notes
The team’s primary Hosted Graphite account will continue to log in without SAML. This cannot currently be changed.
Existing users cannot be signed in via SAML. Please getin touch with supportif you would like that changed.
New usersmustsignup via the single-signon url provided in the 3rd party provider and not via the Hosted Graphite user interface. This is especially important for Azure SAML login.