OneLogin setup

Control access to BugSnag using OneLogin.

BugSnag’s integration with OneLogin provides:

  • Authentication and authorization (SAML)
  • User provisioning and deprovisioning (SCIM)

Setup SAML

To configure SAML:

  1. In BugSnag settings select Organization -> Single sign-on (Admin access is required):

    • Copy the SAML endpoint URL to your clipboard. Configure SSO
  2. In OneLogin, from the Administration dashboard select Applications from the Applications drop down menu. Then, Add App and search for “Bugsnag”. Select the SAML2.0 version and then Save.

  3. On the Configuration tab:

    • Bugsnag Consumer URL - Paste the URL copied from BugSnag.
    • Select Save. Configure OneLogin app
  4. On the SSO tab:

    • Copy the Issuer URL to your clipboard. OneLogin Issuer URL
  5. In BugSnag:

    • Paste the Issuer URL in the SAML/IdP Metadata field.
    • Select Auto-provision collaborators if you would like accounts to be automatically created for new users when they first log in (see SCIM for full provisioning and deprovisioning support).
    • Select whether users will be granted access to all current projects or no projects by default. Users will only be added up to your plan’s collaborator limit. After provisioning, access to projects can be managed by any Admin.
    • Select Enable SSO.
  6. You can now log in to BugSnag from your OneLogin App Home.

Setup provisioning and deprovisioning (SCIM)

Provisioning and deprovisioning is available on Enterprise plans.

The following provisioning and deprovisioning features are supported:

  • Create users
  • Update user names and email addresses
  • Deactivate users
  1. In the BugSnag settings of an organization administrator, select My Account -> Personal auth tokens:

    • Generate a new auth token which will be used for SCIM. Configure SSO
  2. Select Organization -> Single sign-on (Admin access is required):

    • Copy the SCIM Base URL. Configure SSO
  3. In OneLogin admin, open the configuration for the BugSnag application and in the Configuration tab.

    • Enter the Auth token.
    • Enter the organization name only. The organization name is found in the SCIM Base URL: OneLogin org name
  4. Then on the Provisioning tab:

    • Check Enable provisioning.
    • To deprovision users in BugSnag when their access is removed in OneLogin, select Delete in the dropdown.
    • Select Save. OneLogin org name
  5. Now when users are assigned and unassigned access to BugSnag their account will be automatically provisioned and deprovisioned.

Session Timeout

If a SessionNotOnOrAfter value is present in the SAML authentication response, it will be used to set the timeout of the BugSnag session.

Please refer to your SSO provider’s documentation for more information on how to configure SessionNotOnOrAfter.