FlexDeploy 7.0 introduces concept of SSO Realm, previously single sign-on was configured using configuration file. Customers using single sign-on using configuration file with previous versions of FlexDeploy will automatically be migrated to SSO Realm.

If an SSO Realm is enabled, no LDAP realms are allowed and users are directed to login with single sign-on provider instead of through the normal FlexDeploy login page.

If there is an issue logging in with SSO, or you want to login as an internal user such as fdadmin, go to the page flexdeploy/next/#/login.

Configuring an SSO Realm

If you had an fdsso.config file setup previously, it will automatically be upgraded to an SSO Realm. In 7.0, SSO Realms are seen in the UI. The file is no longer needed after the first startup of 7.0+.

Only FlexDeploy Administrators can update Realm settings.

Image Removed

Image Added

In order to enable or disable single sign-on, use Enable Single Sign-On switch.

Image Removed

Image Added

When you enable single sign-on, a new SSO realm will be populated with a sample configuration, and you will definitely need to configure it to your needs. You can also delete all details (see General section below), and press CTRL+Space to choose another sample.

Image Removed

Image Added

It’s OK if the provider isn’t the same as yours, but choose either SAML or OIDC correctly.

Other providers are fine to use!

You can make credentials for any sensitive values and include them in the script.

Here are some pages of information about some identity providers that we have tested more thoroughly and documented.