Enterprise
SAML Authentication

Enterprise users who host their own private Convox Console can take advantage of SAML SSO authentication and access. For more information on the Enterprise plan, see here.

SSO access through SAML can be enabled by simply setting two environment variables on your Console app.

$ convox env set -a console AUTHENTICATION=saml
$ convox env set -a console SAML_METADATA=https://login.microsoftonline.com/common/FederationMetadata/2007-06/FederationMetadata.xml

AUTHENTICATION set to saml
SAML_METADATA set to the metadata endpoint for your SAML Identity Provider. This varies from provider to provider so please check your documentation from them.
- For example, Microsoft/Azure IdP information can be found here
- For Okta, the IdP information can be found here

Once configured, promote the environment changes

$ convox releases promote -a console --wait

The Console will retrieve the metadata from the provider endpoint to configure everything else.

To disable SAML SSO access, change the AUTHENTICATION environment variable back to it’s previous value or simply remove the value, as appropriate.

Introduction

Application Setup

Development

Deployment

Management

Use Cases

Console

Enterprise

Example Apps

Reference

External Services

Migration Guides

Generation 1

Help

Enterprise SAML Authentication

Enterprise
SAML Authentication