Control access to Bugsnag using Okta.
Bugsnag’s integration with Okta provides:
- Authentication and authorization (SAML)
- User provisioning and deprovisioning (SCIM)
To configure SAML:
In Bugsnag settings select Organization -> Single sign-on (Admin access is required):
- Copy the SAML endpoint URL to your clipboard.
In Okta Admin, select Applications then Add Application and search for “Bugsnag SAML”. Select Add.
In General Settings:
- SAML Endpoint URL - Paste the URL copied from Bugsnag.
- Select Next, assign users as requred, then Done.
In Assign to People:
- Add users and groups that require access to Bugsnag. The username must be an email address.
- Select Next then Done.
In the Sign On tab:
- Under SAML 2.0 copy the link to the Identity Provider metadata to your clipboard (the URL not the metadata itself)
- Select Next.
- Paste the Identity Provider metadata URL in the SAML/IdP Metadata field.
- Select Auto-provision collaborators if you would like accounts to be automatically created for new users when they first log in (see SCIM for full provisioning and deprovisioning support).
- Select whether users will be granted access to all current projects or no projects by default. Users will only be added up to your plan’s collaborator limit. After provisioning, access to projects can be managed by any Admin.
- Select Enable SSO.
Users assigned to the app in Okta can now log in to Bugsnag.
Setup provisioning and deprovisioning (SCIM)
Provisioning and deprovisioning is available on Enterprise plans.
The following provisioning and deprovisioning features are supported:
- Create users
- Update user names and email addresses
- Deactivate users
In the Bugsnag settings of an organization administrator, select My Account -> Personal auth tokens:
- Generate a new auth token which will be used for SCIM.
Select Organization -> Single sign-on (Admin access is required):
- Copy the SCIM Base URL.
In Okta Admin, open the configuration for the Bugsnag application and in the Provisioning tab.
- Enter the SCIM base URL and auth token.
In the Sign On tab:
- Ensure Application username format is set to Email.