Configuring Code Insight to Use Single Sign-On

Single sign-on (SSO) is an authentication service that enables a user to use one set of credentials (usually a name and password) to access multiple applications. This service involves an exchange of SAML (Security Assertion Markup Language) protocol messages between the user, the identity provider, and the service provider.

The Identity Provider (also called an IdP) is any SSO service, such as Okta, Ping Federate, and others, offering SAML authentication services. The Service Provider (also called an SP) is an application, such as Code Insight, that is configured to participate in the SSO service. When a Service Provider user logs in using credentials for an SSO session, a SAML message is sent to the Identity Provider, requesting user authentication. If the user password is valid, the Identity Provider returns a SAML message, stating that the user is logged in at the Identity Provider. The user, in turn, is logged into the Service Provider.

A Code Insight System Administrator can configure Code Insight as a Service Provider in an SSO session. The following sections provide instructions for doing so:

• Prerequisite Tasks for Configuring Code Insight for SSO

• Configuring Code Insight for SSO

• Log In Using SSO Credentials

• (Optional) Configuring Code Insight to Sign SAML Requests

• (Optional) Disabling the Code Insight Login Page

• Option to Force Authentication with SSO