With just a few simple steps, your organization’s employees can log into CloudShell Colony with their corporate accounts using SSO.
SSO integration provides enhanced security and significant cost-savings as you no longer need to manage your user accounts in Colony and your employees don’t need to remember another set of credentials. Quick, easy and hassle-free.
This is done by integrating your organization's identity provider with CloudShell Colony's identity management system. CloudShell Colony uses Okta for identity management and supports integration with all identity providers (IdPs).
How this works
- Your CloudShell Colony admin creates an application on your IdP that defines the relevant users, as explained in the section below.
- We map your IdP's client application to Colony's identity management and provide you with an SSO-enabled account.
- A member of your organization uses this account to log in.
- The user is redirected to CloudShell Colony's Corporate Account SSO (Single Sign On) login page.
- The user enters their corporate email address and password.
- We authenticate the user against your IdP and grant access to Colony.
Integrating your IdP with CloudShell Colony
To integrate your IdP with CloudShell Colony:
- On your IdP, create a new client application.
- In the application, do the following:
- Include the users that will access CloudShell Colony.
- For each user, specify the following:
- space_name: CloudShell Colony Space in which the user will operate.
- space_role: User's role in that space, as defined in Administration>Roles>Space Roles.
- Save the application.
- Copy the relevant details from the application.
These may change depending on your IdP - see this Okta help article for details. For example, these are the details for SAML 2.0:
- IdP Issuer URI
- IdP Single Sign-On URL
- IdP Signature Certificate
- Go to Quali’s Support Center and add a new ticket, requesting SSO integration:
- Click + Add in the top left corner.
- From the Requester drop-down list, select Colony.
- From the Form drop-down list, select Colony Support Request.
- Enter a Subject. For example: “SSO integration for <organization name>”, and in the description, request SSO integration, and provide the names of the custom user attributes and the application details.
- Click Submit.
Once SSO integration is set up, the application’s users will be able to use your SSO-enabled account to log in to CloudShell Colony, as explained in Login to CloudShell Colony.