Enabling SSO with Sorry™ is a two-step process, you first have to configure Sorry™ as an application within your IDP, and then give Sorry™ some settings from your IDP.
Once you configure SSO, you'll be able to assign your application to users within your organisation, allowing them to sign-in and manage your status page, without the need to invite them individually or maintain separate usernames and passwords.
Configuring Single Sign-On (SSO)
Start by finding your SSO settings in the "Team Members" section of your Sorry™ account.
Create a new application in your IDP
Now open a new browser tab and start the process of creating a new SAML 2.0 application within your IDP.
When required, copy the "ACS / Consumer URL" and "Entity ID / Audience URI" from Sorry™ into your IDP. These settings tell your IDP where to send SSO requests, and are specific to your Sorry™ team.
When asked by your IDP, select the Name Identifier Format as "EmailAddress", this tells your IDP to send Sorry™ the email of your user to authenticate them.
Finish the setup in your IDP, which may involve choosing a name, description or logo for your new application. (You can find the Sorry™ logo in our Brand Assets)
Add the new IDP application details to Sorry
Your IDP will now give you some details, most importantly the SAML Endpoint URL used to authenticate users and the x.509 Certificate which signs the request to ensure it's genuine.
Add both of these into the SSO configuration form within your Sorry™ account, and save them.
That's it! SSO is now ready to use
Go ahead and assign the newly created IDP application to the people you wish to manage your status page.
Automatically Adding Team Members
There's no need to invite people to join Sorry™ individually; we'll automatically add anyone we've not seen before when they first sign-on using SSO.
Configuring Single Logout (SLO)
We also support IDP Initiated SLO requests, so that when users sign out of your IDP, it will also sign them out of Sorry™.
If your IDP supports SLO, copy the SLO URL from your Sorry™ account into your IDP, and then place the SLO Endpoint provided by your IDP back into Sorry™.
Need help setting up SSO with your specific Identity Provider? Get in touch.