SSO
You can setup this integration as a logged in admin user in the integrations page:
Rootly is compatible with any identity provider supporting SAML 2.0.
Depending on the identity provider, you might be asked for the following information during your setup process:
ACS URL: https://rootly.com/users/saml/auth Entity ID: https://rootly.com/users/saml/metadata
Let's go to the Applications panel.
Search for Rootly.
Click on Add.
Select SAML 2.0.
No our app is created let's go back in Applications > Rootly and click View Setup Instructions:
Finally copy the fields as shown below into Rootly, this information from Okta is unique to your organization.
You are all set !
You will need to access the Google Admin Console: https://admin.google.com/ac/home.
Follow screenshot steps as below:
Make sure Signed Response is checked and the app ON for everyone is checked in your org unit.
And finally let's edit the attributes mapping.
Let's switch to Rootly. You can get the identity login url by clicking on the TEST SAML LOGIN button.
Browse the Applications Store page and install Rootly.
Copy fields over Rootly like shown below
- Issuer URL -> Identity Provider ID
- SAML 2.0 endpoint -> Identity Login Url
- In the certificate section > View Details > X.509 Certificate -> Idp Cert
You are all set !
Install SSO integration through the Azure marketplace
Integrate Rippling SSO + SCIM in one click https://www.rippling.com/app-shop/app/rootly
Let's begin by navigating to the SSO Applications page from the left navigation.
Search for and install the Rootly application.
Once installed, select the Rootly application to enter edit mode and navigate to the SSO tab.
Update the IdP Entity ID from JumpCloud to JumpCloud-<BusinessName>.
Download your IDP Certificate. It should download as a .pem file.
Navigate to your Rootly SSO Integration modal and fill in the following fields with the corresponding values from JumpCloud.
Rootly Field | JumpCloud Field |
|---|---|
Identity Provider Id | IdP Entity ID |
Identity Login Url | IDP URL |
Identity Logout Url | Leave blank or choose any page you'd want to navigate your user to when they log out. |
Idp Cert | Open the certificate you downloaded in the previous step with a text editor of your choice. Copy and paste the text content. |
Domain Name | Your domain (e.g. mycompany.com) |
Go ahead Enable and Save your SSO setup in Rootly.
You're now SSO enabled!
If you want to set up Just-In-Time (JIT) provisioning, navigate to the Identity Management tab in edit mode and set the following fields according to the mappings below.
- API Type: SCIM API
- SCIM Version: SCIM 2.0
- Base URL: https://rootly.com/scim
- Token Key: Pick this value up from your SSO Configuration screen in in Rootly
- Test User Email: You can use your own email as long as the email domain matches the one set in your Rootly SSO configuration page.
Go ahead and select Test Connection. You should see a successful message once a connection is confirmed.
If you'd like to provision users by JumpCloud Groups, go ahead and select the following option.This will allow you to provision the users in each JumpCloud Group with a specific Rootly Role.
Navigate to your Rootly SSO Integrations modal and map the desired JumpCloud Group to the desired Rootly Role.
Go ahead and Save your configuration. You're all set for JIT user provisioning!
If you have SSO enabled, all other login methods such as Google, Slack, Email/Password will automatically redirect users to the SSO method instead.
If you set up SSO incorrectly, you may not be able to sign in anymore. In that case please contact [email protected] or use the lower right chat widget for live assistance.
If you need help or more information about this integration, please contact [email protected] or use the lower right chat widget to get connected with an engineer.
