Firefly Documentation Portal
  • Welcome to the Documentation Portal
  • Contacting Firefly support
  • User Guides
    • QuickStart Guide
      • Onboarding
      • Dashboard
      • FAQ
      • Glossary
        • IaC status
    • Exploring the Inventory
    • Compose: Generating new configuration
    • Navigating the IaC Explorer
    • Workflows
      • Guardrails
    • Integrations
      • Integrate your providers and tools
        • Integrate your data sources
          • Integrate PagerDuty
          • Integrate MongoDB Atlas
          • Integrate AWS
            • Integrate AWS using Terraform
            • Integrate AWS using CloudFormation
            • Upgrading AWS integration to event-driven
            • AWS Discovery Status
          • Integrate Google Cloud
            • Integrate Google Cloud using a service account key
            • Integrate Google Cloud using Terraform
            • Google Cloud Discovery Status
          • Integrate Kubernetes
          • Integrate Datadog
          • Integrate New Relic
          • Integrate Okta
          • Integrate GitHub service
          • Integrate Cloudflare
          • Integrate NS1
          • Integrate Microsoft Azure
            • Integrate Microsoft Azure using Terraform
            • Azure Discovery Status
          • Integrate HashiCorp Vault
        • Integrate your IaC remote states
          • Integrate Terraform Cloud
          • Integrate Terraform Enterprise
          • Integrate HashiCorp Consul
          • Integrate remote stacks in Google Cloud Storage
          • Integrate env0
        • Integrate your version control system
          • Integrate GitHub
          • Integrate GitLab
          • Integrate Bitbucket
            • Integrate Bitbucket Data Center
            • Integrate Bitbucket Cloud
          • Integrate AWS CodeCommit
          • Integrate Azure DevOps
        • Send Firefly notifications to your messaging tools
          • Send Firefly notifications to Slack
            • Send notifications to Slack using the Slack App
            • Sending notifications to Slack using a webhook
          • Send Firefly notifications to Microsoft Teams
          • Send Firefly notifications to Torq
          • Send Firefly notifications to webhooks
          • Send Firefly notifications to Opsgenie
          • Send Firefly notifications to PagerDuty
            • Integration Key
            • General Access REST API Key
          • Send Firefly notifications to Google Chat
        • Integrate project management tools
          • Integrate Jira
    • Governance
    • Event-Center
    • How-to Guides
      • Manage assets
        • Codify assets
          • Codify assets to Config Connector
          • Codify assets to Manifest
          • Codify assets to Helm
          • Codify assets to CDK8S
          • Codify assets to Terraform
          • Codify assets to Pulumi
          • Codify assets to CloudFormation
          • Codify assets to CDK
          • Codify assets to Crossplane
          • Codify assets to Ansible
        • Delete unmanaged assets
        • Fix drifts
        • Remove asset Terraform code
        • Excluded drifts
        • IaC-Ignored assets
      • Monitor events
      • Manage notifications
      • Manage user roles
    • Deep Dive articles
      • Disaster recovery
      • Drifts
      • Codification
      • Notifications
      • Governance
      • Event-driven
      • IaC-Ignored assets
  • Appendix
    • Migrating CloudFormation resources to Terraform
    • Terraform Cloud Run Tasks
    • Creating a key pair
    • SSO Configuration
    • Firefly API Documentation
    • Support Matrix
    • Data privacy and AI usage
  • Firefly MCP
  • Firefly Backstage Plugin
Powered by GitBook
On this page
  • Set Up the SSO Application
  • Share Your SAML Metadata with Firefly
  • Role Sync from IdP (Optional)
  • Validate the SSO Connection
  • SCIM Provisioning (Optional)
  • Need Help?

Was this helpful?

  1. Appendix

SSO Configuration

PreviousCreating a key pairNextFirefly API Documentation

Last updated 1 month ago

Was this helpful?

This guide walks you through configuring Single Sign-On (SSO) with Firefly using either Azure AD or Okta as your Identity Provider (IdP). For Ping configuration please contact Firefly support.

Set Up the SSO Application

Firefly uses Terraform modules to create and configure your SSO integration. Here's what we’ll do:

  • Create a SSO app in your IdP ( or ) - In case of Okta IdP contact Firefly to receive a certificate

  • Assign your admins and viewers to dedicated groups

  • Extract SAML metadata to set up the connection

Share Your SAML Metadata with Firefly

Please provide us with the SAML metadata URL from your IdP (preferred), or the following details manually:

  • Sign in endpoint

  • Sign out endpoint

  • Signing certificate (PEM format)

Role Sync from IdP (Optional)

If you'd like Firefly to sync roles from your IdP, please:

  • Ensure users are assigned to specific groups

  • Let us know the exact group names

Validate the SSO Connection

  1. Visit your dedicated Firefly login page (Provided by Firefly support team)

  2. Log in using your IdP

  3. You should be redirected to the Firefly platform

If your IdP manages user roles:

  • You should automatically be assigned as an admin (if you're in the appropriate group. Roles would be updated with first login).

SCIM Provisioning (Optional)

If you want to enable SCIM provisioning (user/group sync), it must be done via your IdP UI - Will be provided by Firefly upon request.

Need Help?

Reach out to your Firefly Customer Success manager or support.

Azure AD
Okta
Example for Azure AD
Example for Okta