SSO with SAML

Coralogix provides full SAML 2.0 support so you can integrate with your chosen IdP and manage your Coralogix users’ SSO login in a centralized way. Here you can find the walkthrough process for integrating with the common IdP’s in the market, don’t hesitate to contact us via the chat bubble within our web app if you have any questions or comments.

Notes:

• If you intend to follow this integration with a SCIM one please add the users through SCIM and make sure that any existing users are deleted before undertaking the SCIM integration. If necessary, you may leave one admin user.
• Upon completion of the SCIM integration, recreate all users through SCIM.

Common IdP’s for SAML Integration:

1. Google
2. OneLogin
3. Okta
4. Azure
5. JumpCloud

1) Integrate with Google as a SAML IdP

For dedicated Google instructions click here

2) Integrate with OneLogin as a SAML IdP

Go to your administration panel and navigate to applications. Click on Add App button and choose Coralogix:

Choose a name to display (default is Coralogix), add a description if you’d like, and Save.

Coralogix also supports IdP initiated flow so you will be able to connect to Coralogix directly from your Onelogin App portal. To enable, once our connector is saved, go to Configuration and insert your Coralogix account company Id (in your Coralogix account, go to settings –> send your logs) into the RelayState dialog box. Click Save:

Download the SAML Metadata XML file:

Upload the metadata file to our web app -> Settings -> Configure SAML:

3) Integrate with Okta as a SAML IdP

Enter your Okta admin panel –> Applications –> Add application. Search for ‘Coralogix’ app and click ‘add’:

Go to General Settings and click done:

Click on ‘view setup instructions’ and follow the manual to finish the setup:

Coralogix also supports IdP initiated flow so you can connect to Coralogix directly from your Okta apps dashboard. To set this, click on the Edit button and add your Coralogix team Company Id (You can retrieve it from the settings –> ‘send your logs’ tab on the top left) into the Default Relay State box. Click Save.

Default Relay State is the company ID which you can find under settings>send your logs.

4) Integrate with Azure as a SAML IdP

1. Enter https://portal.azure.com/.
2. After logging into Azure, go to ‘Azure Active Directory’ tab.
3. Select ‘Enterprise applications’ service.
4. Choose ‘New application’.
5. Choose ‘Non-gallery application’.
6. Name it (for example, CoralogixSSO) and click ‘Add’.
7. Go to ‘Configure single sign-on’.
8. Select ‘SAML-based Sign-on’ as the SSO mode
   
9. Next, you will need to add Coralogix service provider details to the configuration in Azure as follows:
   From our web app -> Settings -> Configure SAML:
       * Service Provider Entity ID/Audience 
       * Assertion Consumer Service URL
   In the Azure portal (example paths):
   
10. Choose ‘user.mail’ as the value for ‘User Identifier’
    
11. At the bottom of the page on step 5 click on ‘Configure CoralogixSSO’
12. Scroll down to step 3 of the ‘Configure CoralogixSSO’ for SSO section, and download the file named ‘SAML XML Metadata’
13. Scroll up to the top of the ‘SSO Configuration section’ and click on ‘Save’
14. Upload the metadata file to our web app -> Settings -> Configure SAML:
    

15. Click on the “Multiple teams” button in order to create a unique ID for the team.

5) Integrate with JumpCloud as a SAML IdP

JumpCloud supports both SP and IdP initiated flows. Here’s the procedure to configure the integration:

Locate the Coralogix Service Provider configuration:

1. Log in to your Coralogix team. Navigate to Account settings.

2. Go to “Configure SAML” tab:
   1. Download the Service Provider Metadata file from the  URL and save it to your PC
   2. Copy the values of following parameters:
      1. SP / Entity-Id (Multiple Teams)
      2. Assertion Consumer Service (ACS) URL

3. Go to “Send your data” tab:
   1. Copy the Company id

JumpCloud configuration:

4. On your JumpCloud account. Navigate to User Authentication -> SSO
5. Create a new custom SAML App

6. On the “General Info” tab, for the Display Label enter “Coralogix”

7. Go to the “SSO” tab. Enter the following parameters that were previously obtained from your Coralogix team (step 2 and 3):
   1. Service Provider metadata file
   2. SP Entity-Id 
   3. ACS url
   4. RelayState (Coralogix Company-Id)

8. Still on the “SSO” tab:
   1. For the IdP Entity ID, enter the value “JumpCloud”
   2. For the SAMLSubject NameID Format, select the value “urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress”

9. Go to the “User Group” tab and enable the app for All users. Activate the App.

10. Select the Coralogix SSO app. Export the IdP metadata file.

Coralogix configuration:

11. Upload the IdP metadata file (exported in step 10) to Coralogix

12. Activate SAML

Login with SAML

After SAML has been activated for your account you may access it using SSO. Here is how it is done. 

Enter Coralogix.com –> Login and insert your team name:

In the next window choose SSO login (for example, SIGN IN WITH GOOGLE) and you will be logged as a user.

If the username you used to login was used with Coralogix in the past (for example the administrator wanted to block the access and removed the username) then it will be required by the administrator to approve it. In that case a request was sent to your administrator, wait for his invitation email:

Join request received by the administrator:

Administrator panel view after receiving join request from a user, click on ‘approve’ to send an invitation to the user:

Invitation sent to you:

Congrats, now you can enter Coralogix with SAML SSO: