How Can We Help?
Configuring SAML2 (Pure 5.30 and later)Configuring SAML2 (Pure 5.30 and later)
Roles needed: Administrator or Technical administrator
Version needed: 5.30.0 or later
You need to setup SAML2 configuration to allow Pure users to get seamless single-sign-in (SSO) login.
The configuration is available at Administrator > Security > Authentication configuration
Choose SAML2 in the dropdown with authentication methods.
Metadata
| Configuration point | Comment |
|---|---|
| URL for the Identity Provider/IdP's Metadata |
Identity Provider/IdP's Metadata can be added using a URL or by upload of XML file. When configured successfully a summary will be present below in Metadata information |
| Unique identifier for the Service Provider/SP | A unique ID which the IdP uses to identify Pure from other services. |
| SAML attribute used to extract the username | The attribute, supplied by the IdP, which is used to match a username of a user in Pure. |
Certificates
Pure now offers to generate a Certificate and Private key for the Service Provider/SP's signing credential through the setup page, which will insert it into the configuration. To do this, simply click on “Generate Certificate/Key Pair”.
Troubleshooting (Logging)
If there are any issues met after the SAML2 configuration has been completed and saved it is advisable to inspect the SAML2 log.
This can be found at the bottom of the page by expanding the Logging area using the right side toggle. The details / log would also be useful in case you need to reach out to Pure Support.
Saving
After saving the changes the configuration will start to take effect shortly.
Updated at September 18, 2024