Last Updated: May. 14, 2023
The Coralogix CLI tool allows management of SAML SSO configuration by admin users. Actions supported on the CLI include viewing, initializing, activating, and deactivating SAML configuration. This capability makes it possible for SAML integration to be automated using scripts or other provisioning tools.
This tutorial will guide you on how to manage the SAML integration using the CLI tool.
Notes:
- If you intend to follow this integration with our SCIM integration, delete any existing users before the SCIM integration is applied. If necessary, leave one admin user.
- Upon completion of the SCIM integration, recreate all users through SCIM.
Getting started:
- Install the latest version of the Coralogix CLI
- Teams API key (Fetch this from Account -> Settings -> API access)
- User must have an admin role.
Environment variables:
| Environment Variable | Description |
| CORALOGIX_SAML_API_KEY | Teams API key |
Note: When the environment variable is set –api-key (-k) becomes an optional argument when using the tool.
Commands:
details
This command displays SAML configuration for:: your Team.
activate
This command will activate SAML on your Team.
deactivate
This command will deactivate SAML on your Team.
init
This command will initialize SAML on Coralogix with metadata file from the IdP.
Note: Initializing SAML does not activate it. For SSO authentication to work, SAML needs to be activated (using activate command).
add-entity-id
This command adds your team-id to the SP Entity URL.
This will help uniquely identify the Coralogix SP on the IdP (required when you are configuring SAML for multiple teams with the same Identity Provider).
remove-entity-id
This command removes team-id from the SP Entity URL
generate-provisioning-token
This command generates the provisioning token
remove-provisioning-token
This command removes the provisioning token
Examples:
Note: Examples below assume the api-key is provided as an environment variable.
| Example | Command | Description |
cxctl saml --region details | details | * View saml configuration details |
cxctl saml --region eu activate | activate | * Activate SAML for your team hosted on the EU cluster |
cxctl saml --region eu deactivate | deactivate | * Deactivate SAML for your team hosted on the EU cluster |
cxctl saml --region eu init /path/to/IdP-metadata.xml | init | * Initialize SAML for a team hosted on eu cluster using the metadata file from your IdP. |
cxctl saml --region eu init /path/to/IdP-metadata.xml --add-entity-id --provisionToken | init | * Initialize SAML for a team hosted on eu cluster using the metadata file from your IdP.
* Append team-Id to the SP Entity-Id URL
*Generates a provisioning token |
cxctl saml --region eu add-entity-id | add-entity-id | * adds entity-id to the service provider |
cxctl saml --region eu remove-entity-id | remove-entity-id | * removes entity-id from the service provider |
cxctl saml --region eu generate-provisioning-token | generate-provisioning-token | * generates provisioning token |
cxctl saml --region eu remove-provisioning-token | remove-provisioning-token | * removes provisioning token |
Options
| Flags | Description | Mandatory / Optional |
--region region
-r region | Coralogix cluster hosting your account. Valid options are:
- eu
- in
- us | Mandatory when --custom-endpoint is not provided. |
--api-key api-key
-k api-key | Teams API key from your account settings. | Optional when the CORALOGIX_SAML_API_KEY environment variable is set |
| --custom-endpoint URL | URL to your Coralogix API endpoint. (Applies for customers with private-link integrations) | Mandatory when --region is not provided |
| --add-entity-id | Adds entity-id when the init sub-command is executed | Optional flag supported by the init sub-command only |
| --provisionToken | Generates the provisioning token when the init sub-command is executed | Optional flag supported by the init sub-command only |
| --help | Displays help text | |
Oh no!We didn’t find anything for “”,
