SSO

This guide explains the settings you’d need to use to configure SAML with your Identity Provider. Once this is set up you should get an XML metadata file which you can provide to Spike.sh and start using SSO.

Guides for setting up SAML with other IdPs

1. How to setup SAML on Microsoft Azure AD

2. How to setup SAML on Google Workspace

3. How to setup SAML on Onelogin

4. How to setup SAML on Centrify

Step 1

Follow the configurations given below while configuring your SAML with your IdP. You can configure SAML SSO for Incident Management and Status Page products individually.

For our Incident management dashboard

• Assertion consumer service URL / Single Sign-On URL / Destination URL: https://app.spike.sh/sso/oauth/saml

• Entity ID / Identifier / Audience URI / Audience Restriction: https://app.spike.sh

• Response: Signed

• Assertion Signature: Signed

• Signature Algorithm: RSA-SHA256

• Assertion Encryption: Unencrypted

For our Status page dashboard

• Assertion consumer service URL / Single Sign-On URL / Destination URL: https://statuspage.spike.sh/sso/status-page/oauth/saml

• Entity ID / Identifier / Audience URI / Audience Restriction: https://statuspage.spike.sh

• Response: Signed

• Assertion Signature: Signed

• Signature Algorithm: RSA-SHA256

• Assertion Encryption: Unencrypted

For example, in the case of Okta users, this is how the configuration looks

Step 2

Add user mappings as shown below. Note that email , firstName and lastName are mandatory.

Step 3

Once the SAML is configured, head over to Spike.sh and open organisation settings.

Paste the IdP XML Metadata and save.

Step 4

Once configured, you can find the organisation slug from organisation settings.

Use that slug at the time of login.