Setting up Fluig Single Sign-On

fluig is a third-party authentication service that enables users to be automatically logged in to GoodData seamlessly. When you implement fluig in your GoodData domain, users of your workspaces can access GoodData without using GoodData-specific credentials.

For more information on fluig, see https://en.fluig.com/. For information on GoodData and SSO, see Single Sign-On Overview.

GoodData uses the SAML protocol for exchanging information with fluig.

This article provides instructions for configuring fluig authentication for your GoodData domain.

Contents:

Configure SSO

Access the API endpoints through your GoodData subdomain https://{your-subdomain-name}.on.gooddata.com. For example, https://example.on.gooddata.com. If your workspaces use whitelabeling, use your domain address. For example, https://example.com.

Steps:

  1. Log in to your fluig account as administrator.
  2. Add a new application to your account.
    When prompted, select GoodData.

    If you need help with navigating through the fluig user interface, see the fluig user documentation.

  3. From the newly added GoodData application, download the Identity Provider (IdP) metadata file.
    IdP metadata is specific for your company.

  4. Determine which SSO scenario you are configuring and follow the relevant instructions:

This completes the configuration process. You can now start provision users.

Provision Users

You provision users directly in fluig. To provision a user, assign a user to the GoodData application in your fluig account. This user is automatically provisioned to the GoodData workspace configured in the application.

If you want to create users directly on the GoodData platform, use the API for creating users to create users in your domain. For each user, specify their SSO provider (the ssoProvider keyword that you configured). Then, add or invite the user to the GoodData workspace. For more information, see Provisioning Users to Domains and Workspaces.

Only a domain administrator can create a user with the ssoProvider parameter specified or modify the ssoProvider parameter for an existing user.

Powered by Atlassian Confluence and Scroll Viewport.