This article will show you how to configure SAML for Automox application in Teamstack.
Once this is done, your users will be able to access Automox using Teamstack via SAML. Your users will use their Teamstack credentials when accessing Automox.
Automox (SP) initiated Single Sign-On
Teamstack (IdP) initiated Single Sign-On
JIT (Just In Time) Provisioning
Set up SSO via SAML for Automox
To set up SSO you first need to add Automox app to Teamstack, assign it to yourself and then configure Automox SSO with the SAML metadata from Teamstack.
Step 1: Add Automox app to Teamstack
Go to your Applications in Teamstack.
Click "Add Application" in the top right corner.
Search for "Automox" and click "Add".
Select this app to be a "SAML" app and enter your Automox account name (If your URL is https://console.automox.com/dashboard?o=XXX, enter XXX) and leave the "Relay State" input empty.
On your applications overview, click on the newly created Automox app. You will see all the details about the app.
Click on "Users" and assign this app to yourself. You will need this in order to test whether SAML is working correctly for Automox.
Click on the "SAML Configurations" tab. Keep this page open, you will need these values once you configure the SAML settings in Automox.
Step 2: Set up SAML in Automox
Enable Single sing-on using SAML :
Log in to Automox with your administrator account.
From your dashboard, click on the "Settings" in the left corner and navigate to "Security", then click on the "Enable" button as shown below.
Enter the following settings using information from the step 1.7 above:
For "Entity ID" copy the "Issuer (IDP Entity ID)".
For "x509" copy the "Identity Provider Certificate".
For "Login URL" copy the "Sign-in Page URL".
You can enable auto-provisioned feature so a new account is created when users are authorized to use Automox in your SSO provider attempt to log in. New users will have read-only roles.
You can now try to log in from Teamstack to Automox. You need to have Automox assigned to yourself in Teamstack. To test the connection, do the following:
Open a new incognito window
Log into Teamstack
Click on the Automox app on your dashboard
You will be redirected to Automox and will be logged in without the need to enter a password at Automox.
When users with unknown to Automox email address try log in from Teamstack, a new account will be created in Automox with a read-only function.