SSO Configuration
Last updated
Was this helpful?
Last updated
Was this helpful?
This guide walks you through configuring Single Sign-On (SSO) with Firefly using either Azure AD or Okta as your Identity Provider (IdP). For Ping configuration, please contact Firefly support.
Firefly uses Terraform modules to create and configure your SSO integration. Here's what we'll do:
Create an SSO application in your IdP ( or )
In case of Okta IdP, contact Firefly to receive a certificate
Assign your admins and viewers to dedicated groups
Extract SAML metadata to set up the connection
Please provide us with the SAML metadata URL from your IdP (preferred), or the following details manually:
Sign in endpoint
Sign out endpoint
Signing certificate (PEM format)
If you'd like Firefly to sync roles from your IdP, please:
Ensure users are assigned to specific groups
Let us know the exact group names
Visit your dedicated Firefly login page (provided by Firefly support team)
Log in using your IdP
You should be redirected to the Firefly platform
If your IdP manages user roles:
You should automatically be assigned as an admin if you're in the appropriate group
Roles would be updated with first login
If you want to enable SCIM provisioning (user/group sync), it must be done via your IdP UI. SCIM configuration details will be provided by Firefly upon request.
Reach out to your Firefly Customer Success manager or email for assistance with your SSO configuration.