Starburst Galaxy

  •  Get started

  •  Working with data

  •  Developer tools

  • Starburst Galaxy UI
  •  Catalogs
  •  Clusters
  •  Admin
  •  Access control
  •  Cloud settings

  • Administration
  •  Security
  •  Single sign-on

  •  Troubleshooting

  • Galaxy status

  •  Reference
  • Generic IdP SAML setup #

    Starburst Galaxy supports configuring a generic identity provider (IdP) to manage user and group access to Galaxy, as long as the generic provider supports the Security Assertion Markup Language (SAML) protocol standard.

    Precise configuration steps cannot be provided for every IdP. All of the SSO configuration data that any IdP can need are seen in the Okta SAML setup page. Follow the steps on this page, substituting the field names, filenames, and terminology appropriate for your generic IdP.

    The IdP must be configured to set the user’s email address as the SAML NameID. In Auth0, for example, this can be done by adding the following setting to the configuration:

    "nameIdentifierProbes": [
      "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
    ]