Single sign-on

Single Sign-On (SSO) provides organizations a secure and centralized way of controlling access to the Localytics dashboard. With SSO enabled, you can provision users with access to several different applications (including Localytics) through one set of credentials.

Localytics supports several IDPs and Protocols via OAuth2 or SAML 2.0. To configure single sign-on for your organization, contact Support.

Localytics-supported IdPs and protocols

An identity provider (IdP) can provide SSO-based access to Localytics as long as it is one of the following IdPs:

  • Google GSuite
  • Microsoft Azure AD
  • Ping Federate

  • Okta

  • OneLogin

Or supports one of the following protocols:

  • SAML
  • OIDC
  • WS-Federation

Configuring your IdP

Google GSuite

Configure a new application in GSuite to provide identity information to the Localytics app.

Requirement

Details

Set parameters in your GSuite application configuration
  • Authorized JavaScript origins: https://localytics.auth0.com
  • Authorized redirect URIs: https://localytics.auth0.com/login/callback

Reach out to our Support team with your configuration parameters
  • GSuite Domain
  • ClientID
  • Client Secret

Complete configuration

Our Support team will complete configuration from within the Localytics application.

Log in to the Localytics dashboard

GSuite users can log in to the Localytics dashboard with default permissions.

Assign permissions

A Localytics user with Admin permissions can assign appropriate permissions. For more information, see User permissions.

SAML

Configure a new application in your SAML supported IdP to provide identity information to the Localytics app.

Requirement

Details

Set parameters in your application configuration
  • Single sign-on URL: https://localytics.auth0.com/login/callback
  • SAML attributes
    • email
    • given_name
    • family_name

Reach out to our Support team with your SAML metadata file
  • X509 Signing certificate: SAMLP server public key encoded in PEM format
  • SAML single login URL

Complete configuration

Our Support team will provide you with the configuration for:

  • Audience URI (SP Entity ID)

Log in to the Localytics dashboard

Users can log in to the Localytics dashboard with default permissions.

Assign permissions

A Localytics user with Admin permissions can assign appropriate permissions. For more information, see User permissions.

OIDC

Configure a new application in your IdP to provide identity information to the Localytics app.

Requirement

Details

Set parameters in your application configuration
  • Callback URL: https://localytics.auth0.com/login/callback

Reach out to our Support team with your SAML metadata file
  • Issuer URL: URL of the discovery document of the OpenID connect provider
  • ClientID: OpenID connect provider client ID

Complete configuration

Our Support team will complete configuration from within the Localytics application.

Log in to the Localytics dashboard

Users can log in to the Localytics dashboard with default permissions.

Assign permissions

A Localytics user with Admin permissions can assign appropriate permissions. For more information, see User permissions.

Note: Please note that currently the IdP can only provide identity information for authentication. We do not yet support authorization by having scopes configured in the IdP and having them converted into useful Localytics roles.