Organisation's on our enterprise plan can enable SSO using SAML to manage access to the incident.io dashboard via an Identity Provider (IdP) like Okta.
How to enable SAML
To setup SAML, you'll need to be an Admin or Owner inside incident.io to initiate the integration, and you'll need to have someone with Admin access to your IdP to complete the setup in your provider.
Note: If you're just setting up incident.io for the first time, you need to first sign in using Slack, and then enable SAML.
Open the incident.io dashboard and go to Settings > Security.
Connectto begin the setup flow.
Choose your identity provider from the list of options and then follow its associated set up instructions.
Test your connection using the button provided.
You should now be connected 🚀
Once connected to SAML, you can configure which user email domains should be associated with your organisation. By default, only the user performing the setup's domain is set. Click on the
Configure domains button to add any other domains for your organisation.
Note: If you have a sandbox environment on incident.io, we recommend not using SAML with it. This is so that anyone logging in with SAML can be automatically redirected to your production instance based on their domain.
Logging in with SAML
Once you've set up SAML, all users in your organisation will have to sign in using SAML. If a user tries to sign in using Slack, they'll be redirected to your IdP to confirm their access to incident.io.
To sign in, click on the
Login with SAML SSO button, then enter your email address. Upon clicking
Login button, you'll be redirected to your IdP to authenticate, before being directed back to incident.io.
Dashboard only users
When a user logs in using SAML, we'll try and find their associated Slack account in your Slack workspace. However, if this user does not have access to your Slack, or their emails do match, they'll be created as a dashboard only user. These users cannot be assigned roles, be referenced in Workflows, or receive subscriptions as Slack messages.
How to disable SAML
If you wish to disable SAML, admins and organisation owners can do that again in Settings > Security. If you've managed to lock yourself out of the dashboard, please get in touch with
our via Intercom or Slack.
Additionally, if you remove the incident.io app in your IdP, make sure to remove it in incident.io too, or we won't know that your IdP is not letting anyone login.
Note: If you disable SAML, all users in your organisation will have to log back in again using Slack.
You can learn more about SCIM here.