Users can login to AppDynamics using Teamstack via SAML. Your users will use their Teamstack credentials when logging into AppDynamics.
AppDynamics (SP) initiated Single Sign-On
Teamstack (IdP) initiated Single Sign-On
JIT (Just In Time) Provisioning
Set up SSO via SAML for AppDynamics
To set up SSO you first need to create a AppDynamics app in Teamstack, assign it to yourself and then configure AppDynamics SSO with the SAML metadata from Teamstack.
Step 1: Create AppDynamics app in Teamstack
Go to your Applications in Teamstack.
Click "Add Application" in the top right corner.
Search for "AppDynamics" and click "Add".
Select this app to be a "SAML" app and enter your AppDynamics account name ( If your URL is https://myCompany.saas.appdynamics.com, enter myCompany ) and leave the "Relay State" input empty.
On your applications overview, click on the newly created AppDynamics app. You will see all details about this app.
Click on "Users" and assign this app to yourself. You will need this to test that SAML is working during setup in AppDynamics.
Click on the "SAML Configurations" tab. Keep this page open, you will need these values once you configure the SAML settings in AppDynamics.
Step 2: Set up SAML in AppDynamics
When you enable SSO in AppDynamics, users who does not exist in AppDynamics will be created automatically (Just In Time Provisioning) . During setup, you will have the option to specify the default AppDynamics role for newly created users.
Login to AppDynamics with your administrator account.
From you dashboard, click on the "cogwheel" in the right top corner and navigate to "Administration" and go to the Authentication Provider" tab.
Select "SAML" as an Authentication Provider and enter the followin settings:
- For "Login URL" copy the "Sign-in Page URL" from step 1.7
- Copy and past the "Identity Provider Certificate" from step 1.7 to the "Identity Provider Certificate" input
- Under "SAML Attribute Mappings" fill in the following values:
"Username Attribute" = "Username"
"Display Name Attribute" = "DisplayName"
"Email Attribute" = "Email"
You can edit the default role for auto-provisioned created users. Under "Mapping of Group to Roles", click on the pen icon and add the roles you and to assign.
You can now test the login from Teamstack to AppDynamics. You need to have assigned the AppDynamics to yourself in Teamstack. To test the connection, do the following:
Open a new incognito window
Log into Teamstack
Click on the AppDynamics app on your dashboard
You will be redirected to AppDynamics and will be logged in without the need to enter a password at AppDynamics.
When you login from Teamstack and the email address of the user is not known at AppDynamics, a new account will be created in AppDynamics with the roles you specified during setup.