sidebar_position	20

Single Sign On (SSO)

SSO – Change the login page in case the user logs out

Key	``
Possible values	Text
Where to add/change	`customer.config` CloudShell Portal installation directory
Default value	N/A
Affected CloudShell Component	CloudShell Portal
Version	6.0 and above

## SSO – Enable or disable SSO

Key	``
Possible values	Token, Header, None
Where to add/change	`customer.config` CloudShell Server installation directory
Default value	Token
Affected CloudShell Component	CloudShell Portal
Version	6.0 and above

## SSO – Enable or disable using Token mode

Key	``
Possible values	Token, Header, None
Where to add/change	`customer.config` CloudShell Server installation directory
Default value	Token
Affected CloudShell Component	CloudShell Portal
Version	6.0 and above

## SSO – Configure token encryption using Rijndael symmetric encryption key (32 bytes)

Key	``
Possible values	Any multiple of 32 bits
Where to add/change	`customer.config` CloudShell Server installation directory
Default value	As set in the QsTeamServer.exe.config file in the Quali Server installation directory
Affected CloudShell Component	CloudShell Portal
Version	6.0 and above

## SSO – Configure token encryption using Rijndael symmetric encryption key IV (16 bytes)

Key	``
Possible values	Any multiple of 16 bits
Where to add/change	`customer.config` CloudShell Server installation directory
Default value	As set in the QsTeamServer.exe.config file in the Quali Server installation directory
Affected CloudShell Component	CloudShell Portal
Version	6.0 and above

## Header mode – used when the username is added to one of the HTTP headers

Key	``
Possible values	Any username that is added to one of the HTTP headers
Where to add/change	`customer.config` CloudShell Server installation directory
Default value	Token
Affected CloudShell Component	CloudShell Portal
Version	6.0 and above

SAML Single Sign On (SSO)

SSO/SLO configuration is available with CloudShell Premium Tier.

For step-by-step instructions on how to use these configuration keys, see Configuring SAML Single Sign-On (SSO). :::note CloudShell supports SAML v2.0. If you encounter an error, please contact your SAML administrator. :::

SAML SSO – Enable SAML SSO authentication

Key	``
Possible values	True/False
Where to add/change	`customer.config` CloudShell Portal installation directory
Default value	False
Affected CloudShell Component	CloudShell Portal
Version	6.4 and above

## SAML SSO – Configure the Assertion Consumer Service URL

Key	``
Possible values	URL string with the address of the CloudShell Portal (including server IP address and port number)
Where to add/change	`customer.config` CloudShell Portal installation directory
Default value	N/A
Affected CloudShell Component	CloudShell Portal
Version	6.4 and above

## SAML SSO – Configure the URL of the Identity Provider

Key	``
Possible values	URL of the Identity Provide (IdP)
Where to add/change	`customer.config` CloudShell Portal installation directory
Default value	N/A
Affected CloudShell Component	CloudShell Portal
Version	6.4 and above

## SAML SSO – Configure the address of the login page (CustomAbsoluteLoginPage)

Key	``
Possible values	Text, URL string with the address of the CloudShell Portal (including server IP address and port number)
Where to add/change	`customer.config` CloudShell Portal installation directory
Default value	N/A
Affected CloudShell Component	CloudShell Portal
Version	6.4 and above

## SAML SSO – Configure the deflate/inflate compression when processing SAML requests

Key	``
Possible values	True/False
Where to add/change	`customer.config` CloudShell Portal installation directory
Default value	True
Affected CloudShell Component	CloudShell Portal
Version	6.4 and above

## SAML SSO – Configure the name of the certificate key file (.pfx file) to sign the SAML request with

Key	``
Possible values	Text, if the certificate is locked with a password use a semicolon and provide the password (as shown in the above example)
Where to add/change	`customer.config` CloudShell Portal installation directory
Default value	N/A
Affected CloudShell Component	CloudShell Portal
Version	6.4 and above

## SAML SSO – Configure the HTTP method to use when issuing the SAML request to the Identity Provider

Key	``
Possible values	Get, Post, Redirect
Where to add/change	`customer.config` CloudShell Portal installation directory
Default value	Redirect (which does not check for browser compatibility)
Affected CloudShell Component	CloudShell Portal
Version	6.4 and above

## SAML SSO – Redirect the user to a specified URL whenever the user browses the SAML consumer endpoint without a response

Key	``
Possible values	URL string or Null
Where to add/change	`customer.config` CloudShell Portal installation directory
Default value	NULL (which means the user will not be redirected and ultimately will get an error message saying the response is empty)
Affected CloudShell Component	CloudShell Portal
Version	6.4 and above

## SAML SSO – Redirect the user to a specified URL whenever the user browses the CloudShell Portal login page

Key	``
Possible values	URL string (In SAML and SSO context, this key is usually used to hide the login page and redirect incoming users to the SAML endpoint. Some environments (like Huawei) use it to redirect users when they log off of the portal back to their landing page.)
Where to add/change	`customer.config` CloudShell Portal installation directory
Default value	N/A
Affected CloudShell Component	CloudShell Portal
Version	6.4 and above

## SAML SSO – Redirect the user to a specified URL whenever the user browses the CloudShell Portal logout page

Key	``
Possible values	URL string , where [server] is the IdP server's IP or DNS
Where to add/change	`customer.config` CloudShell Portal installation directory
Default value	N/A
Affected CloudShell Component	CloudShell Portal
Version	6.4 and above

## SAML SSO – Enable direct access to CloudShell Portal

Key	``
Possible values	True/False
Where to add/change	`customer.config` CloudShell Portal installation directory
Default value	False
Affected CloudShell Component	CloudShell Portal
Version	7.1 and above

## SAML SSO – Change the name of the Domain attribute which defines the CloudShell domain to associate the user to :::note This attribute may be added when setting up users in an IdP, to log a user into a specific domain if a user belongs to more than one domain. For more information, see [Set up an Identity Provider (IdP)](../../../cloudshell-identity-management/access-control-and-authentication/saml-authentication-configuration-sso-slo/configure-sso/index.md#set-up-an-identity-provider-idp). :::

Key	``
Possible values	Text
Where to add/change	`customer.config` CloudShell Server installation directory
Default value	Domain
Affected CloudShell Component	CloudShell Portal
Version	8.2 and above

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Single Sign On (SSO)

SSO – Change the login page in case the user logs out

SAML Single Sign On (SSO)

SAML SSO – Enable SAML SSO authentication

FilesExpand file tree

single-sign-on-sso.md

Latest commit

History

single-sign-on-sso.md

File metadata and controls

Single Sign On (SSO)

SSO – Change the login page in case the user logs out

SAML Single Sign On (SSO)

SAML SSO – Enable SAML SSO authentication