Single Sign On (SSO)
GorillaStack offers two different forms of Single Sign On:
- Basic Google Mail SSO
- SSO with SAML 2.0
Basic Google Mail SSO is handled simply with a button on our login form.
SSO with SAML 2.0 allows a team to bring their own Identity Provider (IdP) to GorillaStack for the:
- provisioning of Users
- assignment of Roles (via a SAML Attribute)
Enterprise customers find that this simplifies their own employee onboarding/offboarding and improves security of access.
Configuring SSO with SAML
This is a feature for enterprise customers and as such may not be available when you attempt to access it. If you would like access, please get in touch.
- First click your team name and then the "Team Settings" link in the nav bar
- Click the "Single Sign On" link in the left hand nav
- GorillaStack needs some information about your Identity Provider. This comes in either XML, as a URL to some XML, or alternatively you can enter this data manually if you click the link "Enter details manually" under the "Configure" button
- Click "Configure" in GorillaStack to save the configuration details
- Follow the steps within your Identity Provider to add GorillaStack as an app
As an optional step, you can configure your Identity Provider to send custom SAML
assertions when the user signs in. GorillaStack will use these SAML assertions to prefill the user profile.
Click here for a reference of the supported SAML assertions that can be mapped.
Next, read through our glossary to familiarize yourself with GorillaStack terminology