Our next-gen architecture is built to help you make sense of your ever-growing data. Watch a 4-min demo video!

Back to All Docs

SAML Management (via CLI) SAML Management (via CLI)

Last Updated: May. 14, 2023

The Coralogix CLI tool allows management of SAML SSO configuration by admin users. Actions supported on the CLI include viewing, initializing, activating, and deactivating SAML configuration. This capability makes it possible for SAML integration to be automated using scripts or other provisioning tools.

This tutorial will guide you on how to manage the SAML integration using the CLI tool.

Notes:

  • If you intend to follow this integration with our SCIM integration, delete any existing users before the SCIM integration is applied. If necessary, leave one admin user.
  • Upon completion of the SCIM integration, recreate all users through SCIM.

Getting started:

  1. Install the latest version of the Coralogix CLI
  2. Teams API key (Fetch this from Account -> Settings -> API access)
  3. User must have an admin role.

Environment variables:

Environment VariableDescription
CORALOGIX_SAML_API_KEYTeams API key

Note:
When the environment variable is set –api-key (-k) becomes an optional argument when using the tool.

Commands:

details

This command displays SAML configuration for:: your Team.

activate

This command will activate SAML on your Team.

deactivate

This command will deactivate SAML on your Team.

init

This command will initialize SAML on Coralogix with metadata file from the IdP.

Note: Initializing SAML does not activate it. For SSO authentication to work, SAML needs to be activated (using activate command).

add-entity-id 

This command adds your team-id to the SP Entity URL. 

This will help uniquely identify the Coralogix SP on the IdP (required when you are configuring SAML for multiple teams with the same Identity Provider).

remove-entity-id

This command removes team-id from the SP Entity URL

generate-provisioning-token

This command generates the provisioning token

remove-provisioning-token

This command removes the provisioning token

Examples:

Note: Examples below assume the api-key is provided as an environment variable.

ExampleCommandDescription
cxctl saml --region detailsdetails* View saml configuration details
cxctl saml --region eu activateactivate* Activate SAML for your team hosted on the EU cluster
cxctl saml --region eu deactivatedeactivate* Deactivate SAML for your team hosted on the EU cluster
cxctl saml --region eu init /path/to/IdP-metadata.xml init* Initialize SAML for a team hosted on eu cluster using the metadata file from your IdP.
cxctl saml --region eu init /path/to/IdP-metadata.xml --add-entity-id --provisionTokeninit* Initialize SAML for a team hosted on eu cluster using the metadata file from your IdP.

* Append team-Id to the SP Entity-Id URL

*Generates a provisioning token
cxctl saml --region eu add-entity-idadd-entity-id* adds entity-id to the service provider
cxctl saml --region eu remove-entity-idremove-entity-id* removes entity-id from the service provider
cxctl saml --region eu generate-provisioning-tokengenerate-provisioning-token* generates provisioning token
cxctl saml --region eu remove-provisioning-tokenremove-provisioning-token* removes provisioning token

Options

FlagsDescriptionMandatory / Optional
--region region

-r region
Coralogix cluster hosting your account. Valid options are:
- eu (EU1)
- se (EU2)
- us (US1)
- in (API1)
- sg (AP2)
Mandatory when --custom-endpoint is not provided.
--api-key api-key

-k api-key
Teams API key from your account settings.Optional when the CORALOGIX_SAML_API_KEY environment variable is set
--custom-endpoint URLURL to your Coralogix API endpoint. (Applies for customers with private-link integrations)Mandatory when --region is not provided
--add-entity-id Adds entity-id when the init sub-command is executedOptional flag supported by the init sub-command only 
--provisionTokenGenerates the provisioning token when the init sub-command is executedOptional flag supported by the init sub-command only 
--helpDisplays help text

On this page