This guide provides step-by-step instructions on setting up Bitrise as a SAML application on Idaptive.
Before you start:
- You must be one of the owners of the Bitrise Workspace to configure SAML SSO on Bitrise.
- You must be logged into your Admin Portal on Idaptive to set up Bitrise as a SAML SSO app and establish the connection between Bitrise and Idaptive. If you are using the User Portal, Switch to Admin Portal by clicking your avatar on Idaptive.
Getting configuration information from Idaptive ⚓
- Log into Idaptive as an Admin.
- Go to Apps, then to Web Apps. Click the Add Web Apps button on the right.
On the Custom tab and select SAML, and click Add. On the Add Web App popup hit Yes. Close the window. You will be automatically directed to the Settings page.
Add Bitrise to the Name and Application ID fields on the Settings page and click Save.
- Click Trust on the left menu bar and select the Manual configuration under Identity Provider Configuration.
Click the Signing Certificate dropdown and download the certificate. Open it with a text editor so that you can copy the full content of the certificate.
- Insert it in the Certificate text box on the Single Sign On page of Bitrise.
- Copy the Single Sign On URL from Trust page of Idaptive. Insert it on the Identity provider sign-on URL field on the Single Sign On page of Bitrise.
While on the Single Sign On page of Bitrise, copy the Single Sign-On URL and click Configure.
Now let’s head back to Idaptive! Under Service Provider Configuration click Manual Configuration. Type Bitrise in the SP Entity ID / Issuer / Audience and paste the Single Sing-On URL from Bitrise to the Assertion Consumer Service (ACS) URL on Idaptive.
Scroll down to NameID Format and select emailAddress. Click Save.
Go to Permissions and click the Add button. In the Select User, Group, or Role popup, type the user name you want to add to the SAML app. Select it and hit Add. Save your changes. This will change the status of your Bitrise SAML app to Deployed.
Check your inbox for an email from firstname.lastname@example.org which describes how to access the Workspace via SAML. This email contains a Sign In via SSO button and a URL. Click the link or paste the URL to a new window.
You’re directed to the Allow “Workspace name” to sign you in page. Click Authorize if you trust the Workspace to control your Bitrise account-sign in process. Note that once you click Authorize, you’ll only be able authenticate this account via SAML SSO. Click Don’t allow if the invitation email is from an untrusted source.
- If all went well, you should be landing on our Bitrise Dashboard.
If you click Profile settings and select the Single Sign-On tab from the left menu, you should see SAML SSO is enabled for your Workspace. Once all Workspace members have authorized their SAML SSO connection, you can enforce SAML SSO on the whole Workspace with a simple toggle.