Configuration for Loggly Single Sign On (SSO) using Okta
Step 1: Provide group mapping information to Loggly
Loggly controls user access through SSO via group membership mappings. In order to access the product, each user must be a member of at least one mapped group. Groups may map to one of two privilege levels, “user” or “administrator”. A user belonging to multiple groups will receive the highest privileges among any of their groups.
If you don’t wish to provide this information, we will use the following default mapping:
Step 2: Create application
- From the Okta dashboard, navigate to Admin -> Applications -> Add Application -> Create New App
- Select “SAML 2.0” as the sign on method.
- Provide a convenient name for the application and hit Next
- Fill in the following information:
- Single Sign On URL: https://<your subdomain>.loggly.com/sso/saml/do_sign_on
- Audience URI: https://<your subdomain>.loggly.com/sso/saml/metadata
- Default RelayState: Leave blank
- Name ID format: Unspecified
- Application username: email
- Under Attribute Statements, enter the following values:
- Under Group Attribute Statements, create one entry with the name “groups”. Give it a filter which will match the groups you decided upon in step 1. (If you chose to employ Loggly’s default mappings, select “Starts with: Loggly”.)
- Click ‘Next’ end enter the required feedback information to complete the app setup.
Step 3: Provide key information to Loggly
Once app setup is completed, you will be taken to your new app’s “Sign On” tab. Click View Setup Instructions. Provide all the information on this page to Loggly.
Once this is provided, Loggly’s administrators will create a SAML configuration for your subdomain and let you know when it’s ready to test.