{"_id":"5b1086b36e2e690003f911b5","project":"56ba46e2ce5d540d00e2d7a7","version":{"_id":"56ba46e2ce5d540d00e2d7aa","project":"56ba46e2ce5d540d00e2d7a7","__v":13,"createdAt":"2016-02-09T20:06:58.727Z","releaseDate":"2016-02-09T20:06:58.727Z","categories":["56ba46e3ce5d540d00e2d7ab","5771a6b145c7080e0072927f","5771a72eb0ea6b0e006a5221","5772e5b20a6d610e00dea073","577c3006b20f211700593629","57ae587bca3e310e00538155","57ae593a7c93fa0e001e6b50","57b1f8263ff6c519005cf074","582601f155b1060f00ec4173","582a62857a96051b0070b011","58ebfae58d5a860f00851fb9","590a75a1ec0d5e190095ab38","59e5253fd460b50010237bed"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"category":{"_id":"582601f155b1060f00ec4173","project":"56ba46e2ce5d540d00e2d7a7","__v":0,"version":"56ba46e2ce5d540d00e2d7aa","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2016-11-11T17:37:53.355Z","from_sync":false,"order":1,"slug":"guides","title":"Guides"},"user":"5a28a0f41516850012fa6adb","__v":0,"updates":[],"next":{"pages":[],"description":""},"createdAt":"2018-05-31T23:35:15.820Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":999,"body":"This documentation provides the setup instructions for Security Assertion Markup Language (SAML) single sign-on. \n\nTo get started, please [contact support](mailto:support:::at:::logdna.com) in order to enable SAML sign-in policy for your app.\n\n**After SAML is enabled, you will need to configure your Identity Provider (IdP) settings in LogDNA. \n**\n**Step 1: ** Go to **Settings > Team Members**. \n**Step 2:** Click on *Settings* tab on the side to switch the view to Sign In settings for your app. \n**Step 3:** You can either drop your metadata from your IdP OR manually set up the fields by clicking on *configure manually*.  LogDNA requires Identity Provider Sign-in URL and X.509 certificate fields from your IdP for a successful configuration. \n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/3ef310e-Manage_Team__LogDNA_2018-05-31_17-54-49.png\",\n        \"Manage Team » LogDNA 2018-05-31 17-54-49.png\",\n        607,\n        504,\n        \"#eaeaea\"\n      ],\n      \"caption\": \"\"\n    }\n  ]\n}\n[/block]\n**Step 4: **Confirm fields and click on **Save Config** button. All set! \n\n\n## OneLogin Setup \n\nIf you're using OneLogin as your IdP, here's how you can set it up on OneLogin's side and obtain  Identity Provider Sign-in URL and X.509 certificate fields for LogDNA;\n\n**1.** Head to your organization's OneLogin. Click on **Apps > Add Apps** \n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/68b0f06-onelogin_apps_add_app_-_Google_Search_2018-05-31_17-12-42.png\",\n        \"onelogin apps add app - Google Search 2018-05-31 17-12-42.png\",\n        534,\n        190,\n        \"#ebe6e8\"\n      ]\n    }\n  ]\n}\n[/block]\n**2.** Search for *SAML* in the Find Applications section. Select **SAML Test Connector (IdP w/attr)** from the search result.\n\n**3.** Update the Display Name, and click **SAVE**. \n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/ae209c2-logdna-org-208639_-_Applications_2018-06-01_11-15-20.png\",\n        \"logdna-org-208639 - Applications 2018-06-01 11-15-20.png\",\n        770,\n        436,\n        \"#fafafa\"\n      ],\n      \"sizing\": \"smart\"\n    }\n  ]\n}\n[/block]\n**4.** Under *Configuration* Tab, enter your LogDNA Single Sign on URL under *ACS (Consumer) URL Validation* and *ACS (Consumer) URL*.  \nLogDNA Single Sign on URL can be found on your LogDNA app. You can find it on *Settings > Team Members > Settings tab,* under SAML configuration section. Copy this URL. \n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/2aa2f8e-Manage_Team__LogDNA_2018-05-31_17-35-45.png\",\n        \"Manage Team » LogDNA 2018-05-31 17-35-45.png\",\n        619,\n        452,\n        \"#ecebeb\"\n      ]\n    }\n  ]\n}\n[/block]\nPaste that URL in your OneLogin *Configuration* tab under *ACS URL Validator* and *ACS URL* sections. \n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/703a068-logdna-org-208639_-_Applications_2018-06-01_11-25-37.png\",\n        \"logdna-org-208639 - Applications 2018-06-01 11-25-37.png\",\n        1056,\n        635,\n        \"#f6f8f9\"\n      ]\n    }\n  ]\n}\n[/block]\n\n**5.** Keep Parameters and Rules tabs as it is unless you have a special setup. Move to *SSO* tab. \nMake sure you select **SAML Signature Algorithm -> SHA-256** \n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/0302938-OneLogin_2018-05-31_17-43-44.png\",\n        \"OneLogin 2018-05-31 17-43-44.png\",\n        957,\n        659,\n        \"#f1f1f1\"\n      ]\n    }\n  ]\n}\n[/block]\n**6.** Modify other tabs if needed and click **SAVE** button \n\nNow, depending on how you want to proceed with LogDNA SAML Configuration; \n\n**-** You can either click on **MORE ACTIONS > SAML** Metadata to download the metadata XML and drop it on LogDNA SAML Configuration to let LogDNA grab the information needed. \n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/a567d15-Screen_Shot_2018-05-31_at_5.49.09_PM.png\",\n        \"Screen Shot 2018-05-31 at 5.49.09 PM.png\",\n        350,\n        202,\n        \"#e02771\"\n      ]\n    }\n  ]\n}\n[/block]\n**-** Or you can configure it manually via the using your OneLogin SAML connector's SSO tab information. \nIdentity Provider sign-in URL in LogDNA configuration page corresponds to SAML 2.0 Endpoint (HTTP) under OneLogin SSO tab. For X.509 certificate, you need to download it from OneLogin and upload it LogDNA (please make sure that it's a .pem file)\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/5154825-Manage_Team__LogDNA_2018-05-31_17-54-49.png\",\n        \"Manage Team » LogDNA 2018-05-31 17-54-49.png\",\n        607,\n        504,\n        \"#eaeaea\"\n      ]\n    }\n  ]\n}\n[/block]\nClick on **Save Config**. All set!\n\n\n## Okta Setup \n\nIf you're using Okta as your IdP, here's how you can set it up on Okta's side and obtain Identity Provider Sign-in URL and X.509 certificate fields for LogDNA;\n\n**1.** Head to your organization's Okta. Click on **Applications > Add Application**, then click on **Create New App** \n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/ea3354c-logdna-org-208639_-_Applications_2018-06-01_11-14-27.png\",\n        \"logdna-org-208639 - Applications 2018-06-01 11-14-27.png\",\n        325,\n        223,\n        \"#f6f6f5\"\n      ]\n    }\n  ]\n}\n[/block]\n\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/912941f-logdna-org-208639_-_Applications_2018-06-01_11-12-18.png\",\n        \"logdna-org-208639 - Applications 2018-06-01 11-12-18.png\",\n        402,\n        234,\n        \"#eee9ea\"\n      ]\n    }\n  ]\n}\n[/block]\n**2.** on Create a new Application Integration window, choose *Platform: Web* and *Sign on Method: SAML 2.0*. Hit **Create**. \n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/0b82081-logdna-org-208639_-_Applications_2018-06-01_11-15-20.png\",\n        \"logdna-org-208639 - Applications 2018-06-01 11-15-20.png\",\n        770,\n        436,\n        \"#fafafa\"\n      ]\n    }\n  ]\n}\n[/block]\n**3.** Fill out the information under *General Settings* Tab, click **Next**. \n\n**4.** Under *Configure SAML*; Use the Single Sign on URL from LogDNA under Single sign on URL in Okta. Audience URI (SP Entity ID) is logdna-saml/<accountID>. \n**Note:** account ID can be seen in the URL when you log in to your LogDNA account. Here's our URL format; https://app.logdna.com/<accountID>/logs/view\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/d7547fe-logdna-org-208639_-_Applications_2018-06-01_11-25-37.png\",\n        \"logdna-org-208639 - Applications 2018-06-01 11-25-37.png\",\n        1056,\n        635,\n        \"#f6f8f9\"\n      ]\n    }\n  ]\n}\n[/block]\n**5.** Fill out the *Feedback* tab and Click on **Finish**\n\n**6.** You will be redirected to the Application's detail. On *Sign On* tab, Okta will provide you the necessary information to set up on LogDNA SAML Configuration in order to complete the SAML integration.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/12ca8d5-logdna-org-208639_-_LogDNA_Test_SAML_LogDNA_Test_SAML_2018-06-01_11-29-58.png\",\n        \"logdna-org-208639 - LogDNA Test SAML: LogDNA Test SAML 2018-06-01 11-29-58.png\",\n        757,\n        822,\n        \"#f9f9f8\"\n      ]\n    }\n  ]\n}\n[/block]\nNow, depending on how you want to proceed with LogDNA SAML Configuration;\nYou can either click on *View Setup Instructions* or *Identity Provider metadata*. \n\n**-** You can click on *View Setup Instructions* you will have the access to individual fields to use for your LogDNA Configuration (if you want to proceed with the manual configuration). \nOn the Okta Application's SAML configuration page;\nCopy the *Identity Provider Single Sign-on URL* and paste it to your LogDNA *Identity Provider Sign-in URL* field. \nClick on **Download certificate** to save the Okta SAML certificate and use it on your LogDNA *X.509 certificate* field. \n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/74b4399-logdna-org-208639_-_Setup_Instructions_-_LogDNA_Test_SAML_SAML_2.0_2018-06-01_11-40-05.png\",\n        \"logdna-org-208639 - Setup Instructions - LogDNA Test SAML SAML 2.0 2018-06-01 11-40-05.png\",\n        938,\n        864,\n        \"#f1f1f1\"\n      ]\n    }\n  ]\n}\n[/block]\n**-** Or, you can save *Identity Provider metadat*a from Okta and drop the metadata XML to let LogDNA configure your SAML automatically for you. \n\nPlease confirm the fields and click on **Save Config**. All set!","excerpt":"","slug":"saml-sso","type":"basic","title":"SAML SSO"}
This documentation provides the setup instructions for Security Assertion Markup Language (SAML) single sign-on. To get started, please [contact support](mailto:support@logdna.com) in order to enable SAML sign-in policy for your app. **After SAML is enabled, you will need to configure your Identity Provider (IdP) settings in LogDNA. ** **Step 1: ** Go to **Settings > Team Members**. **Step 2:** Click on *Settings* tab on the side to switch the view to Sign In settings for your app. **Step 3:** You can either drop your metadata from your IdP OR manually set up the fields by clicking on *configure manually*. LogDNA requires Identity Provider Sign-in URL and X.509 certificate fields from your IdP for a successful configuration. [block:image] { "images": [ { "image": [ "https://files.readme.io/3ef310e-Manage_Team__LogDNA_2018-05-31_17-54-49.png", "Manage Team » LogDNA 2018-05-31 17-54-49.png", 607, 504, "#eaeaea" ], "caption": "" } ] } [/block] **Step 4: **Confirm fields and click on **Save Config** button. All set! ## OneLogin Setup If you're using OneLogin as your IdP, here's how you can set it up on OneLogin's side and obtain Identity Provider Sign-in URL and X.509 certificate fields for LogDNA; **1.** Head to your organization's OneLogin. Click on **Apps > Add Apps** [block:image] { "images": [ { "image": [ "https://files.readme.io/68b0f06-onelogin_apps_add_app_-_Google_Search_2018-05-31_17-12-42.png", "onelogin apps add app - Google Search 2018-05-31 17-12-42.png", 534, 190, "#ebe6e8" ] } ] } [/block] **2.** Search for *SAML* in the Find Applications section. Select **SAML Test Connector (IdP w/attr)** from the search result. **3.** Update the Display Name, and click **SAVE**. [block:image] { "images": [ { "image": [ "https://files.readme.io/ae209c2-logdna-org-208639_-_Applications_2018-06-01_11-15-20.png", "logdna-org-208639 - Applications 2018-06-01 11-15-20.png", 770, 436, "#fafafa" ], "sizing": "smart" } ] } [/block] **4.** Under *Configuration* Tab, enter your LogDNA Single Sign on URL under *ACS (Consumer) URL Validation* and *ACS (Consumer) URL*. LogDNA Single Sign on URL can be found on your LogDNA app. You can find it on *Settings > Team Members > Settings tab,* under SAML configuration section. Copy this URL. [block:image] { "images": [ { "image": [ "https://files.readme.io/2aa2f8e-Manage_Team__LogDNA_2018-05-31_17-35-45.png", "Manage Team » LogDNA 2018-05-31 17-35-45.png", 619, 452, "#ecebeb" ] } ] } [/block] Paste that URL in your OneLogin *Configuration* tab under *ACS URL Validator* and *ACS URL* sections. [block:image] { "images": [ { "image": [ "https://files.readme.io/703a068-logdna-org-208639_-_Applications_2018-06-01_11-25-37.png", "logdna-org-208639 - Applications 2018-06-01 11-25-37.png", 1056, 635, "#f6f8f9" ] } ] } [/block] **5.** Keep Parameters and Rules tabs as it is unless you have a special setup. Move to *SSO* tab. Make sure you select **SAML Signature Algorithm -> SHA-256** [block:image] { "images": [ { "image": [ "https://files.readme.io/0302938-OneLogin_2018-05-31_17-43-44.png", "OneLogin 2018-05-31 17-43-44.png", 957, 659, "#f1f1f1" ] } ] } [/block] **6.** Modify other tabs if needed and click **SAVE** button Now, depending on how you want to proceed with LogDNA SAML Configuration; **-** You can either click on **MORE ACTIONS > SAML** Metadata to download the metadata XML and drop it on LogDNA SAML Configuration to let LogDNA grab the information needed. [block:image] { "images": [ { "image": [ "https://files.readme.io/a567d15-Screen_Shot_2018-05-31_at_5.49.09_PM.png", "Screen Shot 2018-05-31 at 5.49.09 PM.png", 350, 202, "#e02771" ] } ] } [/block] **-** Or you can configure it manually via the using your OneLogin SAML connector's SSO tab information. Identity Provider sign-in URL in LogDNA configuration page corresponds to SAML 2.0 Endpoint (HTTP) under OneLogin SSO tab. For X.509 certificate, you need to download it from OneLogin and upload it LogDNA (please make sure that it's a .pem file) [block:image] { "images": [ { "image": [ "https://files.readme.io/5154825-Manage_Team__LogDNA_2018-05-31_17-54-49.png", "Manage Team » LogDNA 2018-05-31 17-54-49.png", 607, 504, "#eaeaea" ] } ] } [/block] Click on **Save Config**. All set! ## Okta Setup If you're using Okta as your IdP, here's how you can set it up on Okta's side and obtain Identity Provider Sign-in URL and X.509 certificate fields for LogDNA; **1.** Head to your organization's Okta. Click on **Applications > Add Application**, then click on **Create New App** [block:image] { "images": [ { "image": [ "https://files.readme.io/ea3354c-logdna-org-208639_-_Applications_2018-06-01_11-14-27.png", "logdna-org-208639 - Applications 2018-06-01 11-14-27.png", 325, 223, "#f6f6f5" ] } ] } [/block] [block:image] { "images": [ { "image": [ "https://files.readme.io/912941f-logdna-org-208639_-_Applications_2018-06-01_11-12-18.png", "logdna-org-208639 - Applications 2018-06-01 11-12-18.png", 402, 234, "#eee9ea" ] } ] } [/block] **2.** on Create a new Application Integration window, choose *Platform: Web* and *Sign on Method: SAML 2.0*. Hit **Create**. [block:image] { "images": [ { "image": [ "https://files.readme.io/0b82081-logdna-org-208639_-_Applications_2018-06-01_11-15-20.png", "logdna-org-208639 - Applications 2018-06-01 11-15-20.png", 770, 436, "#fafafa" ] } ] } [/block] **3.** Fill out the information under *General Settings* Tab, click **Next**. **4.** Under *Configure SAML*; Use the Single Sign on URL from LogDNA under Single sign on URL in Okta. Audience URI (SP Entity ID) is logdna-saml/<accountID>. **Note:** account ID can be seen in the URL when you log in to your LogDNA account. Here's our URL format; https://app.logdna.com/<accountID>/logs/view [block:image] { "images": [ { "image": [ "https://files.readme.io/d7547fe-logdna-org-208639_-_Applications_2018-06-01_11-25-37.png", "logdna-org-208639 - Applications 2018-06-01 11-25-37.png", 1056, 635, "#f6f8f9" ] } ] } [/block] **5.** Fill out the *Feedback* tab and Click on **Finish** **6.** You will be redirected to the Application's detail. On *Sign On* tab, Okta will provide you the necessary information to set up on LogDNA SAML Configuration in order to complete the SAML integration. [block:image] { "images": [ { "image": [ "https://files.readme.io/12ca8d5-logdna-org-208639_-_LogDNA_Test_SAML_LogDNA_Test_SAML_2018-06-01_11-29-58.png", "logdna-org-208639 - LogDNA Test SAML: LogDNA Test SAML 2018-06-01 11-29-58.png", 757, 822, "#f9f9f8" ] } ] } [/block] Now, depending on how you want to proceed with LogDNA SAML Configuration; You can either click on *View Setup Instructions* or *Identity Provider metadata*. **-** You can click on *View Setup Instructions* you will have the access to individual fields to use for your LogDNA Configuration (if you want to proceed with the manual configuration). On the Okta Application's SAML configuration page; Copy the *Identity Provider Single Sign-on URL* and paste it to your LogDNA *Identity Provider Sign-in URL* field. Click on **Download certificate** to save the Okta SAML certificate and use it on your LogDNA *X.509 certificate* field. [block:image] { "images": [ { "image": [ "https://files.readme.io/74b4399-logdna-org-208639_-_Setup_Instructions_-_LogDNA_Test_SAML_SAML_2.0_2018-06-01_11-40-05.png", "logdna-org-208639 - Setup Instructions - LogDNA Test SAML SAML 2.0 2018-06-01 11-40-05.png", 938, 864, "#f1f1f1" ] } ] } [/block] **-** Or, you can save *Identity Provider metadat*a from Okta and drop the metadata XML to let LogDNA configure your SAML automatically for you. Please confirm the fields and click on **Save Config**. All set!