starburst galaxy > sso > Generic IdP SAML setup

Generic IdP SAML setup #

Note: These SSO setup pages are meant for Starburst Galaxy administrators. You must also have admin access to your IdP’s configuration site. Familiarity with SSO concepts is presumed.

Starburst Galaxy supports configuring a generic identity provider (IdP) to manage user and group access to Galaxy, as long as the generic provider supports the Security Assertion Markup Language (SAML) protocol standard.

Precise configuration steps cannot be provided for every IdP. All of the SSO configuration data that any IdP can need are seen in the Okta SAML setup page. Follow the steps on this page, substituting the field names, filenames, and terminology appropriate for your generic IdP.

The IdP must be configured to set the user’s email address as the SAML NameID. In Auth0, for example, this can be done by adding the following setting to the configuration:

"nameIdentifierProbes": [
  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
]

Is the information on this page helpful?

Yes

Skip

Generic IdP SAML setup

Is the information on this page helpful?

Yes

Skip