LogoLogo
  • Welcome to Firefly Documentation
  • Introduction
    • What is Firefly?
    • Who is Firefly for?
    • Why use Firefly?
    • Terminology (Glossary)
  • Key Features
    • Infrastructure-as-Code Automation
    • Cloud Asset Inventory
    • Drift Detection & Remediation
    • Policy-as-Code for Compliance & Governance
    • Cost Visibility & Optimization
    • AI Assistant
    • ChatOps Integration
  • Getting Started
    • Account Setup & Onboarding
    • Connecting Cloud Accounts
    • UI Walkthrough & Navigation
    • First Steps in Firefly
  • Detailed Guides
    • Dashboard Overview
    • Cloud Asset Inventory
      • Remediating Drifts
      • Deleting Assets
      • Creating IaC-Ignore Rules
      • Creating Exclude-Drift Rules
    • Policy & Governance
      • Creating Policy-as-Code Governance Rules
      • Remediating Policy Violations
    • Workflows & Guardrails
      • Creating Workflows
      • Creating Guardrail Rules
    • Codification
    • Self-Service
    • IaC Explorer
    • Event Center
    • Backup and Disaster Recovery
    • Notifications
    • User Management
    • SSO Configuration
  • Integrations
    • Integrations Overview
    • Integrating Data Sources
      • AWS
      • Azure
      • Google Cloud
      • Kubernetes
      • Akamai
      • Datadog
      • New Relic
      • Okta
      • GitHub
      • Cloudflare
      • NS1
      • PagerDuty
      • MongoDB Atlas
      • HashiCorp Vault
    • Integrating IaC Remote State
      • Terraform Cloud
      • Google Cloud Storage
      • env0
      • HashiCorp Consul
      • Firefly States Redactor
    • Integrating Version Control
      • GitHub
      • GitLab
      • Azure DevOps
      • CodeCommit
      • Bitbucket
    • Integrating Notifications
      • Slack
      • Microsoft Teams
      • PagerDuty
      • Opsgenie
      • Torq
      • Webex
      • Google Chat
      • Webhook
    • Integrating Project Management
      • Jira
      • ServiceNow
    • Integrating Workflows with CI/CD
    • Integrating Backstage
    • Integrating MCP
  • Use Cases & Best Practices
    • Cloud Governance & Visibility
    • Cost Optimization Strategies
    • Compliance and Security Best Practices
    • Infrastructure Automation & Self-Service
    • Best Practices and Implementation Tips
  • Analytics & Reporting
    • Analytics Dashboard Overview
    • Using Analytics for Improvement
    • Exporting and Sharing Reports
    • Analytics Security and Privacy
  • Code Snippets & Examples
    • Terraform Snippet for an AWS EC2 Instance (Codified via Firefly)
    • Example Rego Policy (OPA) for a Custom Rule
    • GitHub Actions Workflow YAML for Firefly Integration
    • JSON Output Example: Exporting Inventory
  • Troubleshooting & FAQs
    • Common Issues and Solutions
    • FAQs
  • General Information
    • Firefly API
      • Authentication
      • Inventory
      • Codification
      • Workflows
      • Self-Service
      • Policy & Governance
      • IaC Explorer
      • Event Center
      • Backup & Disaster Recovery
      • Notifications
      • Integrations
      • Identity & Access Management
    • Security & Compliance
    • Pricing Tiers & Add-ons
    • Contacting Support
Powered by GitBook
On this page
  • SSO Configuration
  • SSO Configuration
  • Set Up the SSO Application
  • Share Your SAML Metadata with Firefly
  • Role Sync from IdP (Optional)
  • Validate the SSO Connection
  • SCIM Provisioning (Optional)
  • Need Help?

Was this helpful?

  1. Detailed Guides

SSO Configuration

PreviousUser ManagementNextIntegrations Overview

Last updated 1 hour ago

Was this helpful?

SSO Configuration

SSO Configuration

This guide walks you through configuring Single Sign-On (SSO) with Firefly using either Azure AD or Okta as your Identity Provider (IdP). In case you are using a different IdP, please contact Firefly for further instructions.

Set Up the SSO Application

Firefly uses Terraform modules to create and configure your SSO integration. Here's what we'll do:

  1. Create an SSO application in your IdP ( or )

    • In case of Okta IdP, contact Firefly to receive a certificate

  2. Assign your admins and viewers to dedicated groups

  3. Extract SAML metadata to set up the connection

Examples

Share Your SAML Metadata with Firefly

Please provide us with the SAML metadata URL from your IdP (preferred), or the following details manually:

  • Sign in endpoint

  • Sign out endpoint

  • Signing certificate (PEM format)

Role Sync from IdP (Optional)

If you'd like Firefly to sync users roles from your IdP, please:

  1. Ensure users are assigned to specific and dedicated admins group

  2. Add a group claim to the SAML application

  3. Let us know the exact group names

Validate the SSO Connection

  1. Visit your dedicated Firefly login page (provided by Firefly support team)

  2. Log in using your IdP

  3. You should be redirected to the Firefly platform

If your IdP manages user roles:

  • You should automatically be assigned as an admin if you're in the appropriate group

  • Roles would be updated with first login

SCIM Provisioning (Optional)

If you want to enable SCIM provisioning (user/group sync), it must be done via your IdP UI. SCIM configuration details will be provided by Firefly upon request.

Need Help?

Reach out to your Firefly Customer Success manager or email for assistance with your SSO configuration.

Azure AD
Okta
Azure AD SSO
Okta SSO
support@firefly.ai