SSO Integration with AstroFarm

Single Sign-On enables users to access multiple applications with a single set of credentials. For the single sign-on experience with AstroFarm as a service provider, we use OAuth -2 protocol, which is executed via an OpenID connect. AstroFarm supports SSO  with the following identity providers such as OKTA,  Google Suite and AWS Cognito.

Follow the below steps to configure SSO: 

1. Login to AstroFarm console.

2. Navigate to Settings > Single Sign-On.

3. On the  Oauth-2.0 Authentication screen, check Enable Single Sign-On.

This will enable all the options that need to be configured.

4. Enabling the Auto Add User option allows you to auto-grant access to the user authenticated by the SSO server (Identity provider) with the User Role if the user is not registered with AstroFarm.

5. Please select the SSO Type from the dropdown. Currently, we support the following SSO types:

  • G-Suite
  • OKTA
  • AWS Cognito.

6. Enter the following information:

  • Base URL - Enter the Base server URL. The Base URL can be taken from the SSO Server. Please get the Base URL from the given SSO Type like Okta for instance
  • Client ID - Enter the Client ID. The Client ID can be copied from the SSO server.
  • Client Secret - Enter the Client Secret. The Client Secret can be copied from the SSO server.

8. Once you enter the above information, the following fields will be auto-populated:

  • Sign in callback URL - The Sign in URL from the third-party will redirect users to the AstroFarm landing page after they have signed in.
  • Sign out callback URL - The Sign out URL from AstroFarm will redirect users to the third-party web page after they have signed out.
  • Scope - Open ID, Email and Profile.Single Sign-On enables users to access multiple applications with a single set of credentials. For the single sign-on experience with AstroFarm as a service provider, we use OAuth -2 protocol, which is executed via an OpenID connect. AstroFarm supports SSO  with the following identity providers such as OKTA,  Google Suite and AWS Cognito.

Follow the below steps to configure SSO: 

1. Login to AstroFarm console.

2. Navigate to Settings > Single Sign-On.

3. On the  Oauth-2.0 Authentication screen, check Enable Single Sign-On.

This will enable all the options that need to be configured.

4. Enabling the Auto Add User option allows you to auto-grant access to the user authenticated by the SSO server (Identity provider) with the User Role if the user is not registered with AstroFarm.

5. Please select the SSO Type from the dropdown. Currently, we support the following SSO types:

  • G-Suite
  • OKTA
  • AWS Cognito.

6. Enter the following information:

  • Base URL - Enter the Base server URL. The Base URL can be taken from the SSO Server. Please get the Base URL from the given SSO Type like Okta for instance
  • Client ID - Enter the Client ID. The Client ID can be copied from the SSO server.
  • Client Secret - Enter the Client Secret. The Client Secret can be copied from the SSO server.

8. Once you enter the above information, the following fields will be auto-populated:

  • Sign in callback URL - The Sign in URL from the third-party will redirect users to the AstroFarm landing page after they have signed in.
  • Sign out callback URL - The Sign out URL from AstroFarm will redirect users to the third-party web page after they have signed out.
  • Scope - Open ID, Email and Profile.

9. Click Save.