Enterprise SAML/SSO Configuration

For enterprise customers, minware supports integration with SAML identity providers. minware uses Auth0 for authentication, which supports all identity providers (IdPs) that conform to the SAML 1.1 or SAML 2.0 protocol. See the provider-specific instructions below.

Configuring OneLogin as SAML Identity Provider

Follow these instructions to configure OneLogin as an identity provider for minware.

Step 1: Add Application

  1. Navigate to your OneLogin account at https://<domain>.onelogin.com/admin2
  2. From the menu select Applications -> Applications
  3. Select Add App
  4. Search for “SAML Custom”
  5. Select “SAML Custom Connector (Advanced)”

Step 2: Set Info

  1. Set a display name for this application, like “minware”
  2. Uncheck “Visible in portal”

Step 3: Set Configuration

  1. Select the Application you just created above
  2. Navigate to “Configuration” and fill in the following fields:
    • Audience (EntityID): urn:auth0:prod-minware:onelogin-<orgname> (replacing <orgname> with your organization's "Org Handle" from the Org Profile settings page in minware)
    • ACS (Consumer) URL Validator: [-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)
    • ACS (Consumer) URL: https://auth.minware.com/login/callback

Step 4: Set Parameters

  1. Select the Application you just created above
  2. Navigate to “Parameters”
  3. Click the “+” to add a new parameter
  4. Name the field “email”
  5. Select “Email” for value
  6. Select Include in SAML assertion
  7. Save
  8. Click the “+” to add a new parameter
  9. Name the field “name”
  10. Select “Macro” for the value
  11. Enter “{firstname} {lastname}” in the text field
  12. Select Include in SAML assertion
  13. Save

Step 5: Save SSO Fields

These values will need to be sent to support@minware.com to complete the authentication process.

  1. Select the Application you created above
  2. Navigate to SSO
  3. Save the following values (to view the X.509 certificate, you have to click “View Details”):
    • SAML 2.0 Endpoint (HTTP)
    • SLO Endpoint (HTTP)
    • X.509 Certificate
  4. Finally, you will need to provide:
    • The email domain(s) that you would like to log in with OneLogin - Users will be redirected to OneLogin to log in whenever their email domain matches.
  5. Send an email to support@minware.com with these four items to complete your setup, and we will reach out to discuss how you would like to provision your users.
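Once the connection is live, a test login can be checked against the values from Steps 3 and 4. The following is an added example, not code from minware, Auth0 or OneLogin: it assumes you have captured and base64-decoded a SAML 2.0 response from your own test login, and `ORG_HANDLE` is a constructed placeholder. It checks configuration values only and does not verify the XML signature.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ACS_URL = "https://auth.minware.com/login/callback"  # Step 3: ACS (Consumer) URL
ORG_HANDLE = "exampleorg"  # constructed placeholder for your Org Handle
AUDIENCE = f"urn:auth0:prod-minware:onelogin-{ORG_HANDLE}"  # Step 3: Audience
REQUIRED_ATTRS = ("email", "name")  # Step 4: parameters included in the assertion
# Constructed sample of a decoded response (signature elements omitted).
SAMPLE = f"""<samlp:Response xmlns:samlp="{NS['samlp']}"
    xmlns:saml="{NS['saml']}" Destination="{ACS_URL}">
 <saml:Assertion>
  <saml:Subject><saml:SubjectConfirmation>
   <saml:SubjectConfirmationData Recipient="{ACS_URL}"/>
  </saml:SubjectConfirmation></saml:Subject>
  <saml:Conditions><saml:AudienceRestriction>
   <saml:Audience>{AUDIENCE}</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
  <saml:AttributeStatement>
   <saml:Attribute Name="email"><saml:AttributeValue>pat@example.com</saml:AttributeValue></saml:Attribute>
   <saml:Attribute Name="name"><saml:AttributeValue>Pat Example</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
 </saml:Assertion>
</samlp:Response>"""


def check_response(xml_text, audience=AUDIENCE, acs_url=ACS_URL):
    """Return configuration problems; an empty list means the settings match."""
    # SAML messages never need a DTD; refuse one rather than expand entities.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return ["DTD present: refusing to parse"]
    root = ET.fromstring(xml_text)
    problems = []
    if root.get("Destination") != acs_url:
        problems.append("Destination does not match ACS URL")
    recipients = [e.get("Recipient") for e in root.iterfind(".//saml:SubjectConfirmationData", NS)]
    if recipients != [acs_url]:
        problems.append("Recipient does not match ACS URL")
    audiences = [(e.text or "").strip() for e in root.iterfind(".//saml:Audience", NS)]
    if audiences != [audience]:
        problems.append(f"unexpected Audience: {audiences}")
    values = {a.get("Name"): (a.findtext("saml:AttributeValue", "", NS) or "").strip()
              for a in root.iterfind(".//saml:Attribute", NS)}
    for name in REQUIRED_ATTRS:
        if not values.get(name):
            problems.append(f"missing or empty attribute: {name}")
    return problems

if __name__ == "__main__":
    print(check_response(SAMPLE) or "configuration matches")
```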

Configuring Okta as SAML Identity Provider

Follow these instructions to configure Okta as an identity provider for minware:

  1. Sign in to the Okta Developer Console.
  2. Use the App Integration Wizard to add an application for use with Auth0.
  3. Use the SAML App Wizard to create your SAML integration. When done, you'll be directed to the Sign On page for your newly-created app.
  4. Click View Setup Instructions to complete the process.
  5. Note the Identity Provider Single Sign-On URL, and download a copy of the X.509 certificate.
  6. Send an email to support@minware.com with the following. We will then reach out to discuss how you would like to provision your users.
    • Sign In URL - The Identity Provider Single Sign-On URL you noted from the Okta setup wizard
    • X509 Signing Certificate - Attach the certificate you downloaded from Okta.

Configuring Other Identity Providers (IdPs)

minware supports all identity providers that conform to the SAML 1.1 or SAML 2.0 protocol. This page has specific instructions for particular identity providers, and you can contact support@minware.com for instructions if you use another identity provider. In general, you will need to provide three pieces of information to configure a SAML IdP with minware:

  • Sign In URL - The URL where SAML authentication requests are sent. This is also called the single sign-on (SSO) endpoint.
  • Sign Out URL - The URL where SAML logout requests are sent. This is also called the single logout (SLO) endpoint.
  • X509 Signing Certificate - The public-key certificate required by the SP to validate the signature of the authentication assertions that have been digitally signed by the IdP. We accept the .pem and .cer formats.

Provisioning Users

Once you have configured your SAML identity provider with minware, users will automatically be allowed to log into minware without you needing to send them invitations. Please contact us at support@minware.com to discuss how you would like to provision users. In particular, we will need to know how you would like to determine the user's role, team, and ticket system identity in minware based on the metadata available from your identity provider.