All Collections
Managing Account
How to set up Single Sign-On (SSO) in Probely
How to set up Single Sign-On (SSO) in Probely

Learn how to configure Single Sign-On to log in to the Probely app.

Jaime Vasconcelos avatar
Written by Jaime Vasconcelos
Updated over a week ago

Probely uses the standard Security Assertion Markup Language (SAML) to exchange authentication and authorization information with an Identity Provider (IdP) to enable Single Sign-On (SSO) to the Probely app. This means that if you have SSO in place for your users to log in to your applications, you can also enable SSO to the Probely app. Learn more about Login with SSO in Probely.

The configuration of SSO involves two steps:

  1. Configure Probely in your Identity Provider.

  2. Configure SSO in Probely.

This article describes these steps in detail.

Step 1: Configure Probely in your Identity Provider

In this first step, go to your Identity Provider and create an entry for Probely using the following information:

  • Entity Identifier - The URL that identifies Probely as the issuer of SAML requests, responses, or assertions: https://probely.com.
    โ€‹

  • Assertion Consumer Service - The Probely endpoint to do the SAML authentication and authorization: https://sso.plus.probely.app/sso/<organization-id>/complete/


    In the endpoint, replace <organization-id> with a string that identifies your organization (with lowercase letters and hyphens only). For example, the company name, but if you need any help, Probely can suggest it for you.
    โ€‹

  • Certificate - The SAML certificate for Probely:

    MIIFjzCCA3egAwIBAgIUBjrMlHlE8dKutYm0cz0JXFIjMMQwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlzYm9uMRAwDgYDVQQKDAdQcm9iZWx5MRQwEgYDVQQDDAtwcm9iZWx5LmNvbTAeFw0yMTAxMTExNTEyMDBaFw0zMTAxMTExNTEyMDBaMFcxCzAJBgNVBAYTAlBUMQ8wDQYDVQQIDAZMaXNib24xDzANBgNVBAcMBkxpc2JvbjEQMA4GA1UECgwHUHJvYmVseTEUMBIGA1UEAwwLcHJvYmVseS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDBIuwIGTIDaKPvv8lRKNlQVRD/lZgUeeSifEGl81JywWIDKWqvrXv07dupDoEAodwX9mfl68RfrBi4SfB1FYijEl7axURJgUrijCYolF76zxhcSVwadlzR9uOQZu/y//mwEZZtuYk62s1XM6o94pomR9Iv+ODoD9QgIARJEXTo/c0a55pt1Ps5yepUAHrr2JQaKyzgqrYeh3wXjKUf74MIWo3HNeRK16q5GSEdWs5bzjhdEynm8PCsAJ8kLqn/JawLgbhnOKVtgHf/DvywgVR+r3ZdFlqzKQOIiTD0y0n+Niy8jVI50xPT0Sf4H+jzW1VUhKuU2hbuPjUbPAoIiCDm0KquUfGJNkmPO8wfFwSN9HJLGBS8J56IvDf6yib5u111ddVqY6nfq/lMydrRlahV1ifouiep9vNsG9pbDy63biXVyyZD+0M8vom3AoeV5Vi6WM6OitrmzjevPy2XdPzCmmPFsUiQaAMNvgrYlE5OmeAyRQiBAlBlzDWBdRQBHmzVfcwB4TIdFcwBA2hkCDOkX/StrPb66YHMd4l6BIfGNgpGXyUDeDw8sV0R9Z8UXAHZ7C/CkgCwiLXGXpKMYcXLW8+51TC+SFksBGq6xSv4rBTTIP/+BewWyrG4F9E08VY0wEwa7fS19Ub/sC5s0TZxc9udLODlPhXKqvUC2qfGBQIDAQABo1MwUTAdBgNVHQ4EFgQUZAuqKmA9OaaqrLYoDtKVPtCXA3MwHwYDVR0jBBgwFoAUZAuqKmA9OaaqrLYoDtKVPtCXA3MwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAZsze5LAdBkRBLmEK57E1Wp+3rhLIPjF49/riQcQZPhGV2ED4elMWsGbBTzPAeInq1m8FqMPCuAAU9Sbv+WmjzcJeDY2Re0jelmkSpiGejpRMdYhmoH3WOvHo1SfqZrlTowKKJ9qVp/nqMRMMxxjwvKvcjRjzdANl1oxitT6MjF7ISIQSHMi/sAXvYKprgcCdr+10bY+hQuK/r952Kd+YetTbfvS3B5UvhtJwCl1g3SUZCQ8n0Erxsg5rME2d10Ykva6UNlTeEEBsVWkvgkZTYzVv06T+BBIo8XX/FuwTnFj2Goej+CGxCntuFR+JMwuSX3eZKSVts3S7/ytGDFE3DKREN/xexARTICbl4+lCpvrdYIZHUR4YXTCAuw9OpYilWF/A/KlJb2aZWHI/RCDG2I7mwvA+Q9q+W5WNhBhYgeqvmF5bj0hDdVG0CpoGQEe34xasd0+EgoNlxJ565+fgXYdPdOCwXau1epRSYNNdWgjQFVs5oGhA0dbtfYQTjMN7WthvaXJNFofN4BvrGsEufIJwHTYbeHizbGu6dUxLCCLtVYVOHoF+EmL17djSU5PIT3bshDg2qmC/uJS/HTdr5NRybCyy3F8c5P7oDeVTbcqBRMY2e0ZxjJMMrwehU2q+gZovNRVTybplQXuvGzg3r0yuhRjQ1dWhKAZkEcV7B/Y=

Step 2: Configure SSO in Probely

With Probely configured in your Identity Provider, the second part of the SSO configuration is on the Probely side. For that, you need to provide the following information to Probely:

  • Your Entity Identifier

  • Your Certificate

  • The URL of your SSO or the URL with the metadata.

  • The SAML claims with information about:

    • The first name.

    • The last name.

    • The email.

You can also map your SAML Groups to Probely Roles and specific scopes, i.e., global to the account, a team, or a target. In this case, you must provide Probely with the SAML claim with the information about the SAML Groups and tell Probely how the mapping is done. Here is an example:

SAML Group

Probely Role

Probely Scope

probely_admin

Admin

Global to the Probely Account

teamX_admin

Admin

Team X

teamX_developers

Developer

Team X

portal_developers

Developer

Portal Target

This mapping would produce the following results:

  • Users belonging to probely_admin would be given Admin permissions global to your Probely account. They can view and take action on any target of your account.

  • Users belonging to groups teamX_admin and teamX_developers would only perform actions on targets of Team X, with permissions to do what the respective Admin and Developer roles allow.

  • Users belonging to portal_developers would have the permissions given by the Developer role and would only perform actions on a single target: the Portal Target.

Did this answer your question?