All Collections
Integration Guides
SAML setup
How to Configure SAML for Aha!
How to Configure SAML for Aha!
Lea Marano avatar
Written by Lea Marano
Updated over a week ago

Users can login to Aha! using Teamstack via SAML. Your users will use their Teamstack credentials when logging into Aha!.

Features:

  • Aha! (SP) initiated Single Sign-On

  • Teamstack (IdP) initiated Single Sign-On

  • JIT (Just In Time) Provisioning

Set up SSO via SAML for Aha!

To set up SSO you first need to create a Aha! app in Teamstack, assign it to yourself and then configure Aha! SSO with the SAML metadata from Teamstack.

Step 1: Create Aha! app in Teamstack

  1. Go to your Applications in Teamstack.

  2. Click "Add Application" in the top right corner. 

  3. Search for Aha!" and click "Add".

  4. Select this app to be a "SAML" app and enter your Aha! subdomain ( If your URL is https://myCompany.aha.io,  enter myCompany ) and leave the "Relay State" input empty.

  5. On your applications overview, click on the newly created Aha! app. You will see all details about this app.

  6. Click on "Users" and assign this app to yourself. You will need this to test that SAML is working during setup in Aha!.

  7. Click on the "SAML Configurations" tab and click on "SAML Metadata" to download the SAML metadata file you have to upload to Aha! later.

Step 2: Set up SAML in Aha!

When you enable SSO in Aha!, users who does not exist in Aha! will be created automatically. Those users will not have access to any product in Aha!, you will have to assign permission manually.

  • Login to Aha! with your administrator account.

  • Go to your "Account" settings -> "Security and single sign-on" and select "SAML 2.0 in the Single sign-on dropdown.

  • In the "SAML 2.0 Configuration", give the confiuration a name and select "Metadata file" for the radio buttons under "configure using".

  • Upload the metadata.xml file you downloaded from Teamstack in step 1.7.

  • Aha! will import all the necessary settings you will need.

  • Click on the "Enable" button to save the settings.

Test:

You now should have setup everything that is necessary to login via SAML from Teamstack to Aha!. To test that everything is working, open a new incognito tab and log in to Teamstack. You should see the Aha! app on your dashboard if you assinged the app to yourself. Click on the Aha! app, you will get redirected to Aha! and you will be logged without the need to enter your credentials in Aha!.

Note:

  • Auto-provisioned users will not have any permission to access your Aha! "products". You will have to assign those permission manulally.

  • It is also possible to login to Aha! directly using the following URL: https://{{YourSubDomain}}.aha.io/

Did this answer your question?