Single Sign On for Admin Portal

SaaS
This guide provides information about how to configure and use single sign on with the 3scale admin portal

Step 1: Enable Red Hat SSO or Auth0 member Authentication

3scale supports single sign on (SS0) authentication for your members and admins.

The admin portal supports the following SSO providers, each which support a number of identity brokering and member federation options:

Note: You can enable multiple SSO member authentication types

Only users that have been added to RH SSO or Auth0 will be able to access your 3scale admin portal through SSO. If you want to further restrict the access by either roles or user groups you should refer to the corresponding step by step tutorials on the RH SSO or Auth0 support portals.

Once you have established SSO through your chosen provider, you must configure it and enable it on the 3scale admin portal.

RH SSO Prerequisites

  • An RH SSO instance and realm configured as described under the Configuring Red Hat Single Sign-On section of the developer portal documentation
  • A 3scale Enterprise account
  • Configuring Red Hat Single Sign-On

Auth0 Prerequisites

  • An Auth0 Subscription and account
  • A 3scale Enterprise account

Enable SSO

As an administrator, perform the following steps in the 3scale admin panel to enable RH SSO or Auth0:

  1. Navigate to the SSO tab: AccountSSO IntegrationsNew SSO Integration
  2. Select your SSO provider from the dropdown list
  3. Enter the required information:
    • Client
    • Client Secret
    • Realm or Site
  4. Click Create Authentication Provider

Step 2: Using SSO with 3scale

Once you have configured SSO, members can sign on using the account credentials in connected IdPs.

Follow these steps to log in to the 3scale Admin portal using SSO:

  1. Navigate to your 3scale login page:

    https://<organization>-admin.3scale.net/p/login

  2. Authorize 3scale with your IdP
  3. If necessary, complete sign up by entering any needed information

Once you successfully sign up, you will have a member account under the API provider organization, and you will be automatically logged in.