Single Sign On (SSO)

GorillaStack offers two different forms of Single Sign On:

  1. Basic Google Mail SSO
  2. SSO with SAML 2.0

Basic Google Mail SSO is handled simply with a button on our login form. SSO with SAML 2.0 allows a team to bring their own Identity Provider (IdP) to GorillaStack for the:

  • provisioning of Users
  • assignment of Roles (via a SAML Attribute)

Enterprise customers find that this simplifies their own employee onboarding/offboarding and improves security of access.

Configuring SSO with SAML

This is a feature for enterprise customers and as such may not be available when you attempt to access it. If you would like access, please get in touch.
  1. First click your team name and then the "Team Settings" link in the nav bar Team Settings Nav
  2. Click the "Single Sign On" link in the left hand nav Team Settings Single Sign On
  3. GorillaStack needs some information about your Identity Provider. This comes in either XML, as a URL to some XML, or alternatively you can enter this data manually if you click the link "Enter details manually" under the "Configure" button Team Settings Single Sign On Manually
  4. Click "Configure" in GorillaStack to save the configuration details
  5. Follow the steps within your Identity Provider to add GorillaStack as an app

SAML Assertions

As an optional step, you can configure your Identity Provider to send custom SAML assertions when the user signs in. GorillaStack will use these SAML assertions to pre-fill the user profile.

Click here for a reference of the supported SAML assertions that can be mapped.

Next, read through our glossary to familiarise yourself with GorillaStack terminology