Table of contents
- Identity Provider side setup
- ThousandEyes side setup
- Testing SSO
Configuration is simple. Here's what you need:
- ThousandEyes account assigned a role with the Edit security & authentication settings permission
- An Azure AD subscription.
- Log into portal.azure.com.
- Go to Azure Active Directory > Enterprise applications > Add an application and search for ThousandEyes. Skip to step 4 if configuring a custom application.
- Click the ThousandEyes Enterprise application and Add
- Users can be assigned to the app using the Assign users and groups option. Consult the How to setup SCIM with Azure Active Directory to setup automatic user provisioning.
- Once users are assigned click Single sign-on from the side pane and select SAML as a Sign on method.
- Configure the Basic SAML Configuration section fields as below:
- Download the Federation Metadata XML from SAML Signing Certificate section.
- Login to ThousandEyes
- Go to Account Settings > Organization Settings
- Check the Enable Single Sign-On box and select Metadata File as the Configuration Type. Import the metadata file from step 9 of previous section using the Import File button.
- Check the Override box for Logout Page URL and clear the field. Please ensure the Service Provider Issuer field matches the Identifier (Entity ID) in Azure side as seen in step 7 of Identity Provider's side Setup and Save.
Login to Log into portal.azure.com and go to Azure Active Directory > Enterprise applications > ThousandEyes > Single sign-on. Scroll down and click the Test button in Test single sign-on with ThousandEyes section. Click Sign in as current user button in the side pane that opens up.
The test will open up a new tab and log you into ThousandEyes!