All Collections
Account Admin
Security & Data Privacy
Sign in with SAML
Sign in with SAML

Set up SSO using SAML to manage user access through IdPs like Okta, Google SAML or Auth0.

incident.io Engineering Team avatar
Written by incident.io Engineering Team
Updated over a week ago

Organisations on our Enterprise plans and newer Pro plans can enable SSO using SAML to manage access to the incident.io dashboard via an Identity Provider (IdP) like Okta.

โ„น๏ธ All plans have access to SSO via sign-in with Slack. If you have your Slack sign-in configured using SAML, then we'll use that.

How to enable SAML

Prerequisites

To setup SAML, you'll need to be an Admin or Owner inside incident.io to initiate the integration, and you'll need to have someone with Admin access to your IdP to complete the setup in your provider.

Note: If you're just setting up incident.io for the first time, you need to first sign in using Slack, and then enable SAML.

Setup

  • Open the incident.io dashboard and go to Settings > Security.

  • Click Connect to begin the setup flow.

  • Choose your identity provider from the list of options and then follow its associated set up instructions.

  • Test your connection using the button provided.

  • You should now be connected ๐Ÿš€

Configuring domains

Once connected to SAML, you can configure which user email domains should be associated with your organisation. By default, only the user performing the setup's domain is set. Click on the Configure domains button to add any other domains for your organisation.

Note: If you have a sandbox environment on incident.io, we recommend not using SAML with it. This is so that anyone logging in with SAML can be automatically redirected to your production instance based on their domain.

Logging in with SAML

Once you've set up SAML, all users in your organisation will have to sign in using SAML. If a user tries to sign in using Slack, they'll be redirected to your IdP to confirm their access to incident.io.

To sign in, click on the Login with SAML SSO button, then enter your email address. Upon clicking Login button, you'll be redirected to your IdP to authenticate, before being directed back to incident.io.

Dashboard only users

When a user logs in using SAML, we'll try and find their associated Slack account in your Slack workspace. However, if this user does not have access to your Slack, or their emails do match, they'll be created as a dashboard only user. These users cannot be assigned roles, be referenced in Workflows, or receive subscriptions as Slack messages.

How to disable SAML

If you wish to disable SAML, admins and organisation owners can do that again in Settings > Security. If you've managed to lock yourself out of the dashboard, please get in touch with

our via Intercom or Slack.

Additionally, if you remove the incident.io app in your IdP, make sure to remove it in incident.io too, or we won't know that your IdP is not letting anyone login.

Note: If you disable SAML, all users in your organisation will have to log back in again using Slack.

SCIM support

You can learn more about SCIM here.

Related Articles
Zoom
Using Zapier
SCIM (Automatic user provisioning)
On-call notifications and preferences
Teams in Catalog: Migrating from SlackUsers to Users
Did this answer your question?