All of Aviator’s cloud accounts support Google SSO based login. Self-hosted Aviator deployments support Google, Okta, Active Directory, or other SAML SSO providers.
To setup Google SSO for on-premise installation, you will need to create Oauth authorization credentials in the Google developer console to identify the application to Google's OAuth 2.0 server.
- 2.Click Create credentials > OAuth client ID.
- 3.Select the Web application application type.
5. Add the Google Client ID and Client Secret that is on this page to your docker
Restart the server, and Google SSO should work.
Aviator supports SAML 2.0 based authentication. To request SAML authentication for your account, please contact [email protected]. See instructions below for Okta. If you have any other identity provider, please contact us for instructions.
- 1.Sign into Okta as an administrator.
- 2.Switch to the Classic UI, using the drop-down in the upper left.
- 3.Go to Admin Dashboard > Applications > Add Application.
- 4.Click Create New App and choose SAML 2.0 as the Sign on method.
- 5.Enter General Settings for the application:
8. Enter SAML Settings, including:
- Single sign on URL: enter the URL you copied in Step 6
- Audience URI:
- Default Relay state: <leave empty>
- Name ID format:
- Application username:
9. Enter the attribute statements, which will be used to map attributes between Okta and Aviator. Please note that these values are case-sensitive.
10. Click Next. Then, set Okta support parameters for the application. Recommended settings:
- I’m an Okta customer adding an internal app
- This is an internal app that we have created.
11. Click Finish. On the next screen, click the Sign On tab and click on Identity Provider metadata.
12. Copy the url that it opens, this is your Metadata URL.
13. Go to the Assignments tab, and assign the app to the appropriate groups / users to access.
This should enable the Okta configuration for your organization. Please verify this by logging out and logging in directly from Okta portal.
- This is idp initiated authentication, so you can login in directly from the Okta portal.
- It’s also recommended to post an announcement for your users to explain how the migration will work.