SAML SSO

SAML Integration with Kubit

Introduction

By integrating SAML SSO with Kubit’s Self-Service Analytics with either Google G-Suite or Okta, you can have fine control on which users in your organization can sign in to Kubit using their existing credential. This Single Sign On approach eliminates yet another set of username/password to be remembered, simplify user management, and also can improve security through your existing Multi-Factor Authentication.

 

Requirements

  • Your organization uses Google G-Suite or Okta for authentication.
  • You have Admin role. 

 

Roles

  • Identity Provider (IdP): Google or Okta
  • Service Provider: Auth0 (through Kubit)

 

Steps

SAML configuration is a complicated process. It is recommended to have a live session to work with Kubit support to setup and test the integration together.

Config

Kubit will provide the exact configuration information required on your side. Below is just an example:

Map Attributes

  • For Google, please map the following attributes

 

  • For Okta, please map the following attributes
    • Map “String.join(" ", user.firstName, user.lastName)” to “name” #using Okta Expression Language
    • Map “user.firstName” to “given_name”
    • Map “user.lastName” to “family_name”
    • Map “user.profileUrl” to “picture”

 

Respond

Once configured on your side, please provide the following information to Kubit support through a secure channel

 

Test

Once configured properly on both sides, please work with Kubit support to test the integration.

  • Make sure yourself has been assigned permission to access Kubit app on your side.
  • Try to access https://<YOUR_ORG>.kubit.ai 
  • Type in your organization's email. 
  • Click on Sign In

 

References