Tutorial - Enable Single Sign On Authentication

To support the ever growing amount of users on our platform and to improve the usability of their user management we added support for SSO. This will make it easier supporting large user-bases of CoScale both on-premise as on our SAAS platform. We added support for organisations and teams. This makes it really easy to give (limited) access to a particular team on some of the CoScale applications for your organisation.

1. Click on your username, in the top right corner of your app

Select “My organisation” from the drop down.

Click username

2. Click on “Enable SSO”

Enable SSO

3. Fill in the required fields

  • SSO Url
  • Entity ID
  • Certificate

SSO fields

CoScale supports the HTTP-POST binding for SAML2: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST CoScale specifies urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress for the format of the NameIDPolicy in Assertion Requests.

You will have to provide the following in your Identity provider:

  • CoScale ACS URL: https://app.coscale.com/api/v1/sso/acs/
  • CoScale Entity ID: https://app.coscale.com/api/v1/sso/metadata/

In return you will get a SSO Url, Entity ID and Certificate, put these into the form. For the certificate, please omit the first and last line containing BEGIN CERTIFICATE and END CERTIFICATE.

For Google SSO specifics see https://support.google.com/a/answer/6087519?hl=en