Whilst it is simple to manage admin user access to the Zephr Admin Console, some organisations like to manage access to company tools via a single platform. To make this possible, Zephr offers SAML authentication for admin user access. This needs to be configured both within your Zephr Admin Console and within your SAML client.
For this tutorial, we have used Okta as the SAML client.
Within your SAML client
Within the ‘Configure SAML’ step, set the Single sign on URL to your Zephr Admin Console URL + /V3/saml/ callback (e.g. test.admin.blaize.io/v3/saml/), and add an attribute named ‘Role’ with the value user.Role.
Within Applications > Profile Editor add a new field to the profile schema.
The variable name should be set to Role; on save, this will be stored as ‘user.Role’.
In order for a user to gain access to Zephr administration, the user’s Role must equal ‘blaize-<tenant name>-administrator’.
Once configured, you will need to go back to Applications > Sign On configuration and copy the SAML metadata into Zephr.
In the Zephr Admin Console, navigate to Settings > SAML. Tick Enable SAML and set a Provider Label and Attribute Name (this should be set to ‘Role’).
Paste the metadata copied from your SAML client into the Metadata area and click Save.
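To confirm that the SAML client emits the attribute described above, you can decode a SAMLResponse captured from a test sign-in (the base64 form field posted to the Single sign on URL) and inspect its Role attribute. The following is an added example, not Zephr's or Okta's code. The function names and the tenant name acme are hypothetical, and it assumes an unencrypted assertion and an exact, case-sensitive comparison.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def role_values(saml_response_b64, attribute_name="Role"):
    """Return every value of the named attribute in a base64 SAMLResponse.
    Diagnostic only: it does not verify the signature or decrypt assertions."""
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    values = []
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        if attr.get("Name") == attribute_name:  # exact match is an assumption
            values += [(v.text or "").strip()
                       for v in attr.iterfind("saml:AttributeValue", NS)]
    return values

def check_admin_role(saml_response_b64, tenant, attribute_name="Role"):
    """Return (ok, reason) for the role the tutorial requires for admin access."""
    expected = f"blaize-{tenant}-administrator"
    values = role_values(saml_response_b64, attribute_name)
    if not values:
        return False, f"no '{attribute_name}' attribute in the assertion"
    if expected in values:
        return True, f"'{attribute_name}' carries {expected}"
    return False, f"'{attribute_name}' is {values}, expected {expected}"

def sample_response(name, value):
    """Build a constructed, unsigned SAMLResponse for the demonstration."""
    xml = (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>'
        '<saml:AttributeStatement>'
        f'<saml:Attribute Name="{name}">'
        f'<saml:AttributeValue>{value}</saml:AttributeValue></saml:Attribute>'
        '</saml:AttributeStatement></saml:Assertion></samlp:Response>'
    )
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    cases = [
        ("Role", "blaize-acme-administrator"),  # configured as in the tutorial
        ("role", "blaize-acme-administrator"),  # attribute name in wrong case
        ("Role", "administrator"),              # profile value missing the prefix
    ]
    for name, value in cases:
        print(name, value, "->", check_admin_role(sample_response(name, value), "acme"))
```

A failure on the second or third case points back to the Attribute name in the ‘Configure SAML’ step or to the Role value on the user's profile, respectively.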