Skip to main content

Akuity Platform SSO

The Akuity Platform supports the following Single Sign-On (SSO) providers:

info

Akuity Platform SSO is available on Enterprise plans only. Please contact our Sales Team to access the feature.

Note that this feature only applies to the Akuity Platform, and is separate from SSO for Argo CD. Argo CD SSO is available in all Professional and Enterprise plans.

Configuring SSO

note

The owner role on the Organization is required to configure SSO.

To configure SSO for an Organization on the Akuity Platform:

  1. Go to Organization > SSO.

    SSO Settings

  2. Click Add Configuration.

  1. Register an application with the Microsoft identity platform with the following settings:

    • Set Redirect URI to https://auth.akuity.io/login/callback
  2. Add the following Delegated Permissions to the registered application:

    • Users > User.Read
    • Directory > Directory.Read.All
  3. Generate a client secret.

  4. Populate the configuration details inside the form:

    • Client ID: Application (client) ID
    • Client Secret: Client Secret
    • Azure AD Domain: Your Azure AD domain name. You can find this on your Azure AD directory's overview page in the Microsoft Azure portal.
    • Domain Aliases: Additional domains to match organization members (e.g. some-org.com).
    • Auto Add Member: Allow your organization members to join your organization with the member role automatically.

Azure SSO Settings

  1. Test the connection.

OIDC Mapping

note

OIDC mapping feature is only available if SSO is configured.

caution

OIDC mapping does not work for Okta native integration as Okta does not support groups claim. Please use generic SAML/OIDC option instead to connect with Okta if you want to use this feature.

To configure OIDC mapping for an Organization in the Akuity Platform:

  1. Go to Organization > SSO.

    OIDC SSO Settings

  2. Click Add New Rule.

    Add New Rule

  3. In the Add OIDC Group Mapping select the role and specify the corresponding OIDC Group for your provider.

    Add OIDC Group Mapping

  4. Click the Add button.

note

In the SSO settings, if the Auto Add Member is checked the new user willjoin your organization with the member role automatically.

Auto Add Member

OIDC Team Mapping

caution

OIDC Team Mapping does not work for Okta native integration as Okta does not support groups claim. Please use generic SAML/OIDC option instead to connect with Okta if you want to use this feature.

This feature allows you to map users with a specific OIDC group to a team in your organization.

Like standard OIDC Mapping, OIDC Team Mapping is only available if SSO is configured. In addition, your organization must have at least one Team.

To configure this feature for an Organization in the Akuity Platform:

  1. Go to Organization > SSO.

    OIDC SSO Settings

  2. Scroll down to the "OIDC Team Mapping" section and click Add New Mapping.

    Add New Rule

  3. In the modal that appears, specify an OIDC group and select an existing team from the dropdown.

    Add OIDC Team Mapping

  4. Click the Add button.

Now, when a user logs in with the specified OIDC group, they will be added to the selected team in your organization.