Use this option if you have an SSO provider that is not covered by the Lenses native SSO integrations.
Groups are case-sensitive and mapped by name.
Integrate your user-groups with Lenses by setting the lenses.security.saml.idp.groups.attribute in lenses.conf. Create a group in Lenses using the same case-sensitive group name as in your IdP. For example, if the Engineers group is available, create a group with the same name in Lenses.
lenses.security.saml.idp.groups.attribute
lenses.conf
Given the downloaded metadata file and a keystore, add the following configuration to security.conf:
security.conf
lenses.security.saml.base.url="https://lenses-dev.example.com" lenses.security.saml.idp.provider="generic" lenses.security.saml.idp.metadata.file="/path/to/GenericIDPMetadata.xml" lenses.security.saml.keystore.location = "/path/to/keystore.jks" lenses.security.saml.keystore.password = "my_keystore_password" lenses.security.saml.key.password = "my_saml_key_password" lenses.security.saml.idp.groups.attribute="groups_attribute" lenses.security.saml.idp.username.attribute="user_username"
The username attribute is optional, it defaults to the profile name.
See all SSO options.
On this page
