Configuring SAML SSO

Security Assertion Markup Language 2.0 (SAML) is a standard for signing users in to applications based on their sessions from another context. This single sign-on (SSO) login standard has significant advantages over logging in using a username/password:

  • No need to type in credentials

  • No need to remember and renew passwords

  • No weak passwords

SAML enables web-based, cross-domain single sign-on (SSO), which helps reduce the administrative overhead of distributing multiple authentication tokens to the user. It uses security tokens containing assertions to pass information about a end user between

  • A SAML authority, named an Identity Provider, such as Okta or OneLogin, and

  • A SAML consumer, such as the CloudBees CD/RO services

Looking for Kerberos SSO information instead? See Configuring Kerberos SSO.

Configuring CloudBees CD/RO for SAML SSO

SAML does not require configuration that is specific to CloudBees CD/RO. However, you must configure CloudBees CD/RO itself to enable SAML. See Configuring CloudBees CD/RO for SAML SSO for details.

Server configuration

After single sign-on using SAML is installed and configured, you must enable it in CloudBees CD/RO. For details, see Single Sign-On.

End-User sign in

For information about how end users will sign in to CloudBees CD/RO using single sign-on in SAML, see Signing in to CloudBees CD/RO.