Users can login to AppDynamics using Teamstack via SAML. Your users will use their Teamstack credentials when logging into AppDynamics.
Features:
- AppDynamics (SP) initiated Single Sign-On
- Teamstack (IdP) initiated Single Sign-On
- JIT (Just In Time) Provisioning
Set up SSO via SAML for AppDynamics
To set up SSO you first need to create a AppDynamics app in Teamstack, assign it to yourself and then configure AppDynamics SSO with the SAML metadata from Teamstack.
Step 1: Create AppDynamics app in Teamstack
- Go to your Applications in Teamstack.
- Click "Add Application" in the top right corner.
- Search for "AppDynamics" and click "Add".
- Select this app to be a "SAML" app and enter your AppDynamics account name ( If your URL is https://myCompany.saas.appdynamics.com, enter myCompany ) and leave the "Relay State" input empty.
- On your applications overview, click on the newly created AppDynamics app. You will see all details about this app.
- Click on "Users" and assign this app to yourself. You will need this to test that SAML is working during setup in AppDynamics.
- Click on the "SAML Configurations" tab. Keep this page open, you will need these values once you configure the SAML settings in AppDynamics.
Step 2: Set up SAML in AppDynamics
When you enable SSO in AppDynamics, users who does not exist in AppDynamics will be created automatically (Just In Time Provisioning) . During setup, you will have the option to specify the default AppDynamics role for newly created users.
- Login to AppDynamics with your administrator account.
- From you dashboard, click on the "cogwheel" in the right top corner and navigate to "Administration" and go to the Authentication Provider" tab.
- Select "SAML" as an Authentication Provider and enter the followin settings:
- For "Login URL" copy the "Sign-in Page URL" from step 1.7
- Copy and past the "Identity Provider Certificate" from step 1.7 to the "Identity Provider Certificate" input
- Under "SAML Attribute Mappings" fill in the following values:
"Username Attribute" = "Username"
"Display Name Attribute" = "DisplayName"
"Email Attribute" = "Email" - You can edit the default role for auto-provisioned created users. Under "Mapping of Group to Roles", click on the pen icon and add the roles you and to assign.
- Click "Save"
Test:
You can now test the login from Teamstack to AppDynamics. You need to have assigned the AppDynamics to yourself in Teamstack. To test the connection, do the following:
- Open a new incognito window
- Log into Teamstack
- Click on the AppDynamics app on your dashboard
- You will be redirected to AppDynamics and will be logged in without the need to enter a password at AppDynamics.
When you login from Teamstack and the email address of the user is not known at AppDynamics, a new account will be created in AppDynamics with the roles you specified during setup.