Set up Single Sign-On (SSO) for your organization
Single Sign-On (SSO) is an authentication method that allows a user to access multiple applications with one set of login credentials.
RisingWave Cloud supports SAML-based identity provider (IdP) platforms for SSO.
This article will guide you through the process of setting up SSO for your organization on RisingWave Cloud and logging in with SSO.
Setting up SSO configuration
Step 1: Create a SAML application on your IdP platform
Begin this process by setting up a SAML application on your IdP platform, such as Okta.
During the setup, provide placeholder values for the following fields:
- SP Entity ID or Issuer or Audience URI
- Assertion Consumer Service (ACS) URL
Configure the properties below on the IdP platform:
| Property | Description |
|---|---|
| IdP Single Sign-On URL | URL of the receiver of the SAML AuthNRequest. Use a placeholder value initially. You’ll get the actual value from your IdP after providing it with the Atlas metadata. |
| IdP Signature Certificate | PEM-encoded public key certificate of the IdP. You can obtain this value from your IdP. You can either upload the certificate from your computer or paste the contents into a text box. |
| Request Binding | SAML Authentication Request Protocol binding used to send the AuthNRequest. It can be either HTTP POST or HTTP REDIRECT. |
| Response Signature Algorithm | Response algorithm used to sign the SAML AuthNRequest. It can be either SHA-256 or SHA-1. |
Step 2: Configure SSO on RisingWave Cloud
- Go to the Org. tab and select SSO configuration.
- Click Create SSO configuration.
- Create a descriptive name for your SSO configuration. Enter the SSO URL, select the protocol and signature algorithm you used on your IdP platform, and upload the IdP certificate.
If you're using Okta, you can find the values here
If you're using Okta, you can find the values here
- Log in to your Okta account and navigate to the Applications section.
- Select the SAML application you created for RisingWave Cloud.
- Click View SAML setup instructions.
You can find the SSO URL and download the certificate file here.
- Click Confirm to save the configuration.
- After creation, a card with the SSO details will be added to the SSO configuration page. Use the
AscUrlandEntity IDvalues from this card to fill theIdP Single Sign-On URLandSP Entity ID / Issuer / Audience URIfields on your IdP platform.
If you're using Okta, you can find the settings here
If you're using Okta, you can find the settings here
- In the SAML application for RisingWave Cloud, select the General tab.
- Scroll down to the SAML Settings section and click Edit.
- Select the Configure SAML tab. Enter the
Single sign-on URLandAudience URI (SP Entity ID)values withAscUrlandEntity IDon the SSO configuration card on RisingWave Cloud.
- Scroll down and click Next. Then, Finish.
- Switch the toggle on the card to enable the SSO configuration for your organization.
Logging in with SSO
Once SSO is configured for your organization, all users can log in to RisingWave Cloud using their work email addresses and SSO credentials.
Steps:
- On the login page, click Enterprise single sign-on.
- Enter your work email and click Log in.
- You’ll be redirected to your IdP platform to complete the authentication process.
Set up Single Sign-On (SSO) for your organization
Single Sign-On (SSO) is an authentication method that allows a user to access multiple applications with one set of login credentials.
RisingWave Cloud supports SAML-based identity provider (IdP) platforms for SSO.
This article will guide you through the process of setting up SSO for your organization on RisingWave Cloud and logging in with SSO.
Setting up SSO configuration
Step 1: Create a SAML application on your IdP platform
Begin this process by setting up a SAML application on your IdP platform, such as Okta.
During the setup, provide placeholder values for the following fields:
- SP Entity ID or Issuer or Audience URI
- Assertion Consumer Service (ACS) URL
Configure the properties below on the IdP platform:
| Property | Description |
|---|---|
| IdP Single Sign-On URL | URL of the receiver of the SAML AuthNRequest. Use a placeholder value initially. You’ll get the actual value from your IdP after providing it with the Atlas metadata. |
| IdP Signature Certificate | PEM-encoded public key certificate of the IdP. You can obtain this value from your IdP. You can either upload the certificate from your computer or paste the contents into a text box. |
| Request Binding | SAML Authentication Request Protocol binding used to send the AuthNRequest. It can be either HTTP POST or HTTP REDIRECT. |
| Response Signature Algorithm | Response algorithm used to sign the SAML AuthNRequest. It can be either SHA-256 or SHA-1. |
Step 2: Configure SSO on RisingWave Cloud
- Go to the Org. tab and select SSO configuration.
- Click Create SSO configuration.
- Create a descriptive name for your SSO configuration. Enter the SSO URL, select the protocol and signature algorithm you used on your IdP platform, and upload the IdP certificate.
If you're using Okta, you can find the values here
If you're using Okta, you can find the values here
- Log in to your Okta account and navigate to the Applications section.
- Select the SAML application you created for RisingWave Cloud.
- Click View SAML setup instructions.
You can find the SSO URL and download the certificate file here.
- Click Confirm to save the configuration.
- After creation, a card with the SSO details will be added to the SSO configuration page. Use the
AscUrlandEntity IDvalues from this card to fill theIdP Single Sign-On URLandSP Entity ID / Issuer / Audience URIfields on your IdP platform.
If you're using Okta, you can find the settings here
If you're using Okta, you can find the settings here
- In the SAML application for RisingWave Cloud, select the General tab.
- Scroll down to the SAML Settings section and click Edit.
- Select the Configure SAML tab. Enter the
Single sign-on URLandAudience URI (SP Entity ID)values withAscUrlandEntity IDon the SSO configuration card on RisingWave Cloud.
- Scroll down and click Next. Then, Finish.
- Switch the toggle on the card to enable the SSO configuration for your organization.
Logging in with SSO
Once SSO is configured for your organization, all users can log in to RisingWave Cloud using their work email addresses and SSO credentials.
Steps:
- On the login page, click Enterprise single sign-on.
- Enter your work email and click Log in.
- You’ll be redirected to your IdP platform to complete the authentication process.