Bitium is a cloud-based identity management provider that can be integrated with Sumo Logic’s SAML 2.0 API to allow users to log in to Sumo Logic using their Single Sign-On (SSO) credentials.
You can sign up for a free Bitium Trial account at https://www.bitium.com.
Create a Bitium SSO app to connect to Sumo Logic
- Sign into Bitium.
- From the Bitium menu, select Manage, and then select Manage Apps.
- On the Apps page, select Add an App.
- Search for Sumo Logic to locate the Sumo Logic App for Bitium.
- On the App Install page, select Individual Account. Then under Single Sign-On, select SAML Authentication.
- Click Install App to move on to the next step.
- On the Install Success page, click Configure Single Sign-On.
- For Single Sign-On Provider, select SAML Authentication.
- The SAML configuration details for the App are displayed. For the Sumo Logic configuration, use the following parameters from this page:
- Login URL
- LogOut URL
- X.509 Certificate
- Keep this page open to use these parameters in the next step, Configure SAML in Sumo Logic.
Configure SAML in Sumo Logic
- Log into Sumo Logic as an administrator.
- Go to Administration > Security > SAML (Manage > Security in the classic UI, then click SAML).
- Click Configure.
- Configuration Name. Enter the name of the SSO policy (or another name used internally to describe the policy).
- Debug Mode. Select this option if you'd like to view additional details when an error occurs. For more information, see Using SAML Debug Mode.
- Issuer. Enter the Entity ID from Step 9 in the previous section.
- Authn Request URL. Enter the LogIn URL from Step 9 in the previous section.
- X.509 Certificate. Copy and paste your X.509 certificate, which is used to verify signatures in SAML assertions. This is the X.509 Certificate value from Step 9 in the previous section.
- Email Attribute. Select Use SAML subject.
- SP Initiated Login Configuration. Deselect this option. Authentication will be initiated from within Bitium.
- On Demand Provisioning. (Optional) Select this option for Sumo Logic to automatically create a Sumo Logic user account when a user first logs on.
- First Name Attribute. Enter FirstName. (This is case sensitive.)
- Last Name Attribute. Enter LastName. (This is case sensitive.)
- On Demand Provisioning Roles. Add a role for all Bitium created users, such as Administrator or Analyst. If you would like users to have multiple roles assigned on creation, you can enter additional roles, separated by a comma.
- Logout Page. (Optional) Enter the LogOut URL, from Step 9 in the previous section, to be directed back to Bitium on logout from Sumo Logic.
- Roles Attribute. Leave this option deselected.
- Click Save.
- On the Administration > Security > SAML page, view a summary of the SAML configuration parameters. Leave this dialog open so that you can finish the configuration in Bitium.
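The values entered in this section can be checked before they are saved. The following is an added example, not code from Sumo Logic or Bitium: it computes a SHA-256 fingerprint of the pasted certificate so it can be compared with the one shown on the Bitium page, and flags settings that differ from this guide. The dictionary key names, the sample URLs and the placeholder certificate bytes are assumptions constructed for illustration.

```python
import base64
import hashlib
import ssl
from urllib.parse import urlsplit

# Constructed placeholder bytes, NOT a real certificate; they stand in for the
# X.509 Certificate value copied from Bitium so the example runs offline.
PLACEHOLDER_DER = b"constructed placeholder DER bytes" * 4
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(PLACEHOLDER_DER).decode("ascii")
              + "-----END CERTIFICATE-----\n")

# Hypothetical key names for the values this guide has you enter (constructed).
SAMPLE_SETTINGS = {
    "login_url": "https://idp.example.invalid/saml/login",
    "logout_url": "https://idp.example.invalid/saml/logout",
    "x509_pem": SAMPLE_PEM,
    "sp_initiated_login": False,
    "on_demand_provisioning": True,
    "provisioning_roles": "Analyst",
}

def fingerprint_sha256(pem):
    """Colon-separated SHA-256 of the DER bytes inside a PEM CERTIFICATE block."""
    der = ssl.PEM_cert_to_DER_cert(pem.strip())  # ValueError if not a cert block
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def review_settings(cfg):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    # The Logout Page is optional in this guide, so it is checked only if set.
    for key, required in (("login_url", True), ("logout_url", False)):
        value = cfg.get(key, "")
        parts = urlsplit(value)
        if (value or required) and (parts.scheme != "https" or not parts.hostname):
            findings.append(f"{key}: expected an absolute https:// URL")
    try:
        fingerprint_sha256(cfg.get("x509_pem", ""))
    except ValueError as exc:
        findings.append(f"x509_pem: {exc}")
    if cfg.get("sp_initiated_login"):
        findings.append("sp_initiated_login: the guide deselects this option")
    if cfg.get("on_demand_provisioning"):
        roles = [r.strip() for r in cfg.get("provisioning_roles", "").split(",")]
        if not any(roles):
            findings.append("provisioning_roles: no role set for created users")
        if "Administrator" in roles:
            findings.append("provisioning_roles: every auto-created user gets Administrator")
    return findings
```

The PEM check only confirms that the pasted text is a well-formed CERTIFICATE block; it does not parse the certificate or check its validity dates.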
Add Sumo Logic SAML Settings to Bitium
- Go back to the Bitium SAML Configuration page.
- Within the SAML URL text box, enter the Authentication Request URL displayed in step 6 of the previous section.
- Click Save Changes to complete the application install.
- Assign users as needed to the Sumo Logic App.
- You are now configured to log in to Sumo Logic via Bitium.