Bitium is a cloud-based identity management provider that can be integrated with Sumo Logic’s SAML 2.0 API to allow users to log in to Sumo Logic using their Single Sign-On (SSO) credentials.SAML 2.0 API to allow users to log in to Sumo Logic using their Single Sign-On (SSO) credentials.
You can sign up for a free Bitium Trial account at https://www.bitium.com.
Create a Bitium SSO app to connect to Sumo Logic
- Sign into Bitium.
- From the Bitium menu, select Manage, and then select Manage Apps.
- On the Apps page, select Add an App.
- Search for Sumo Logic to locate the Sumo Logic App for Bitium.
- On the App Install page, select Individual Account. Then under Single Sign-On, select SAMLSAML Authentication.
- Click Install App to move on to the next step.
- On the Install Success page, click Configure Single Sign-On.
- For Single Sign-On Provider, select SAMLSAML Authentication.
- The SAML configuration details for the App are displayed. For the Sumo Logic configuration, use the following parameters from this page:SAML configuration details for the App are displayed. For the Sumo Logic configuration, use the following parameters from this page:
- Login URL
- LogOut URL
- X.509 Certificate
- Keep this page open to use these parameters in the next step, Configure SAML in Sumo Logic.SAML in Sumo Logic.
Configure SAML in Sumo LogicSAML in Sumo Logic
- Log into Sumo Logic as an administrator.
- Go to Manage > Security.
- Click SAML.
- Click Configure, and configure the SAML settings.SAML settings.
- Configuration Name. Enter the name of the SSO policy (or another name used internally to describe the policy).
- Debug Mode. Select this option if you'd like to view additional details when an error occurs. For more information, see Using SAML Debug Mode.SAML Debug Mode.
- Issuer. Enter the Entity ID from Step 9 in the previous section.
- Authn Request URL. Enter the LogIn URL from Step 9 in the previous section.
- X.509 Certificate. Copy and paste your X.509 certificate, which is used to verify signatures in SAML assertions. This is the X.509 Certificate value from Step 9 in the previous section.SAML assertions. This is the X.509 Certificate value from Step 9 in the previous section.
- Email Attribute. Select Use SAMLSAML subject.
- SP Initiated Login Configuration. Deselect this option. Authentication will be initiated from within Bitium.
- On Demand Provisioning: (Optional) Select this option for Sumo Logic to automatically create a Sumo Logic user account when a user first logs on.
- First Name Attribute. Enter FirstName. (This is case sensitive.)
- Last Name Attribute. Enter LastName. (This is case sensitive.)
- On Demand Provisioning Roles. Add a role for all Bitium created users, such as Administrator or Analyst. If you would like users to have multiple roles assigned on creation, you can enter additional roles, separated by a comma.
- Logout Page. (Optional) Enter the LogOut URL, from Step 9 in the previous section, to be directed back to Bitium on logout from Sumo Logic.
- Roles Attribute. Leave this option deselected
- Click Save.
- On the Manage > Security page, click the SAML button again to view a summary of the SAML configuration parameters. Leave this dialog open so that you can finish the configuration in SAML configuration parameters. Leave this dialog open so that you can finish the configuration in Bitium.
Add Sumo Logic SAML Settings to SAML Settings to Bitium
- Go back to the Bitium SAMLSAML Configuration page.
- Within the SAMLSAML URL text box, enter the Authentication Request URL displayed in step 6 of the previous section.
- Click Save Changes to complete the application install.
- Assign users as needed to the Sumo Logic App.
- You are now configured to login to Sumo Logic via Bitium.