This document explains the process to enable SSO for DeepSource using SAML 2.0 with OneLogin as the Identity Provider (IdP).
For now, an admin (on OneLogin) needs to create a custom SAML connector for DeepSource Enterprise. The steps for which are as given:
On the top menu, go to "Applications" → "Applications", and click on "Add App".
Search for and choose “SAML Custom Connector (Advanced)”.
Fill in the following details and click “Save”:
Field | Value |
---|---|
Display Name | DeepSource Enterprise Server |
Rectangular Icon | Upload https://www.dropbox.com/sh/x7i2lrcodblyxuy/AACPCNPc0Z_TT3BlHpnRr5Hra?dl=0&preview=workmark.png (optional) |
Square Icon | Upload https://www.dropbox.com/sh/x7i2lrcodblyxuy/AACPCNPc0Z_TT3BlHpnRr5Hra?dl=0&preview=logo.png (optional) |
Navigate to “Configuration” tab using the sidebar on the left.
Assuming that DeepSource is hosted on "https://deepsource.foobar.com", fill in the following details accordingly leaving the rest of the fields with defaults and click “Save”:
Field | Value |
---|---|
Audience (EntityID) | https://deepsource.foobar.com/saml2/metadata/ |
Recipient | https://deepsource.foobar.com/saml2/acs/ |
ACS (Consumer) URL Validator | https://deepsource.foobar.com/saml2/acs/ |
ACS (Consumer) URL | https://deepsource.foobar.com/saml2/acs/ |
SAML signature element | Both (from dropdown) |
Sign SLO Request | ✅ |
Sign SLO Response | ✅ |
Navigate to the “Parameters” using the sidebar on the left.
Fill in the following details and click “Save”:
Field | Value |
---|---|
NameID value | |
first_name | - First Name (from dropdown) |
Navigate to the “SSO” using the sidebar on the left.
Change the “SAML Signature Algorithm” field to use a stronger algorithm such as “SHA-512” (from dropdown) and click on “Save”.
On the same screen, copy the “Issuer URL”. It should be in the format https://app.onelogin.com/saml/metadata/<app-uuid>
.
Once OneLogin has been configured, navigate to “Config” tab in the Admin panel (replicated Kotsadm):