Glyue Setup

This article aims to guide the user through how to set up SAML SSO in Glyue.

Create a SAML Config

Log into Glyue and navigate to the Admin site.

Scroll to the SAML SINGLE SIGN ON section, locate SAML Configs and click Add.

On the web form that displays, scroll to the bottom (without changing any values) and click SAVE.

Default SAML settings are considered secure and should suffice for most use cases. If SSO customization is desired, please see this article:

Glyue SAML Config Reference

Note that on the resulting page, there is now a URL and a download link for Glyue’s SAML metadata:

Provide the URL or metadata file to the IdP admin, who now must add Glyue on their end as an external SSO application (aka Service Provider) and supply their IdP SAML metadata.

General IdP Setup

  1. Create a new Service Provider (aka SSO Application, External Application, SSO Integration, SAML Application, etc. or something similar).

  2. Upload the Glyue metadata. Some IdPs won't support uploading a file, and will prefer a URL or even for the data to be copied and pasted.

Glyue always serves its metadata at /sso/saml2/metadata/.

Also, Glyue's metadata can be downloaded from the SAML Configs page on the Admin site. The page will also display the full URL.

  1. Configure as necessary, add users, map user attributes, etc.

By default, a user's email address is used to identify the correct user for login in Glyue. The attribute (aka field) on the Glyue User object is simply email, which may differ from the IdP's User object (which might beemailAddress, email_addr, or something similar).

In this case, the IdP user email address attribute name needs to be mapped to Glyue's. Glyue supports user attribute mapping on its end, and most IdPs do as well.

See Glyue SAML Config Reference for more information.

  1. Save/activate/enable the new SSO application.

  2. There should now be SAML metadata available which should be provided back to the Glyue admin.

IdP-specific setup instructions

JumpCloud SetupOkta SetupAzure Setup

Add the IdP to Glyue as a trusted authenticator

On the Admin site, under SAML SINGLE SIGN ON, locate SAML Identity Providers and click +Add.

Provide a name, optionally a logo image, and the metadata.

Click SAVE. Glyue should now allow users to log in via this provider.

Testing connectivity

Log out of Glyue and go to the main page. The login dialog should have a new section, Single Sign On, and the added IdP’s name should appear on a button.

Clicking the button should redirect the user to the IdP login page. After successful authentication, the user should be redirected back to Glyue, bypassing the login screen and going right to the requested page.

Last updated

Was this helpful?