Log in with single sign-on
This is a premium option. Contact your Customer Success Manager to enable it on your Kameleoon account.
Single sign-on (SSO) is a method for authenticating users where a single set of credentials can be used to log in to several applications.
When SSO is set up, you can sign in to your third-party IdP, then access Kameleoon app directly without a second sign-in.
Kameleoon lets you implement SSO through the following solutions :
- External identity providers that support the SAML 2.0 standard
- Open ID Connect
- Okta
- Microsoft Entra ID (formerly Azure AD)
- France Connect
- SalesForce
Role definition
Our system supports role definition through the use of SAML attributes. There are three roles available: super admin, site admin, and common user. When roles are configured on the identity provider side, they will be automatically mapped to corresponding roles within our system. However, when roles are not configured on the IdP side, our system will rely solely on the internal role definitions.
Role definition is an optional feature. If role mapping is not configured, the roles defined within the Kameleoon system will be used without any additional checks, and SSO will be used only for verifying the user's identity.
SAML 2.0
For this method, you must provide the Identity Provider metadata XML file.
Additionally, you must set the callback URL (https://login.kameleoon.com/am/kameleoon/login/callback) as an authorized URL on the identity provider’s side.
Open ID Connect
For this method, you must provide the Client ID, Client Secret and OpenID Connect Well-Known Endpoint /.well-known/openid-configuration to get OpenID Provider Configuration.
Additionally, you must set the callback URL (https://login.kameleoon.com/am/kameleoon/login/callback) as an authorized URL on the identity provider’s side.
Microsoft Entra ID (formerly Azure AD)
To set up the native integration with Entra ID, you will need to provide the tenant ID, client ID, and client secret. Additionally, the callback URL (https://login.kameleoon.com/am/kameleoon/login/callback) needs to be set as an authorized URL on the identity provider’s side.
Native integration
SAML 2.0 can also be used for SSO integration with Microsoft Entra ID. This method requires the Identity Provider SAML 2.0 metadata XML file to be provided.
SAML 2.0
You can use SAML 2.0 for SSO integration with Microsoft Azure. You must provide the Identity Provider SAML 2.0 metadata XML file for this method.
Okta
SAML 2.0
You can use SAML 2.0 for SSO integration with Okta.
- Add a new application.
- Navigate to the Okta dashboard.
- Go to Applications and click Create App Integration.
- Select SAML 2.0 as the sign-on method.
- Configure your application.
- Enter you application's details.
- Specify the following in the SAML settings:
- Single sign-on URL (this is where Okta will send the SAML response):
https://login.kameleoon.com/am/kameleoon/login/callback. - Check the Use this for Recipient and Destination URL checkbox.
- Audience URI (SP Entity ID):
https://login.kameleoon.com.
- Single sign-on URL (this is where Okta will send the SAML response):
- Finish the setup.
- Save the application after filling out the required fields.
- Save the metadata URL provided by Okta. We will need it to configure SSO on Kameleoon.