Setting up Fluig Single Sign-On
fluig is a third-party authentication service that lets users log in to GoodData automatically. When you implement fluig in your GoodData domain, users of your workspaces can access GoodData without using GoodData-specific credentials.
For more information on fluig, see https://en.fluig.com/. For information on GoodData and SSO, see Single Sign-On Overview.
GoodData uses the SAML protocol for exchanging information with fluig.
This article provides instructions for configuring fluig authentication for your GoodData domain.
Configure SSO
Access the API endpoints through your GoodData subdomain https://{your-subdomain-name}.on.gooddata.com. For example, https://example.on.gooddata.com. If your workspaces use whitelabeling, use your domain address. For example, https://example.com.
Log in to your fluig account as administrator.
Add a new application to your account. When prompted, select GoodData.
If you need help with navigating through the fluig user interface, see the fluig user documentation.
From the newly added GoodData application, download the Identity Provider (IdP) metadata file. IdP metadata is specific for your company.
Determine which SSO scenario you are configuring and follow the relevant instructions:
- If configuring for a Service Provider-initiated scenario, see SAML SSO with GoodData - Service Provider-initiated Scenario.
- If configuring for an Identity Provider-initiated scenario, see SAML SSO with GoodData - Identity Provider-initiated Scenario.
This completes the configuration process. You can now start provisioning users.
Provision Users
You provision users directly in fluig. To provision a user, assign a user to the GoodData application in your fluig account. This user is automatically provisioned to the GoodData workspace configured in the application.
If you want to create users directly on the GoodData platform, use the API for creating users to create users in your domain. For each user, specify their SSO provider (the ssoProvider keyword you configured). Then, add or invite the user to the GoodData workspace. For more information, see Provisioning Users to Domains and Workspaces.
Only a domain administrator can create a user with the ssoProvider parameter specified or modify the ssoProvider parameter for an existing user.