Single Sign-On Configuration
If your organization uses SAML for authentication, you can configure your SAML identity provider in the Nuclia Dashboard by following these steps:
- Go to Manage Account in the user menu at the top-right corner.
- Click on Account in the side navigation bar.
- In the SAML section, enter the following details for your SAML identity provider:
- Domain
- Entity ID
- Single Sign-On URL
- X.509 Certificate
After completing these steps, users will see a Use Single Sign-On button on the Nuclia Dashboard login page.
Google Workspace Configuration
For organizations using Google Workspace, the typical SAML configuration is as follows:
- ACS URL:
https://nuclia.cloud/api/auth/saml/acs - Entity ID:
https://nuclia.cloud/api/auth/saml - Signed Response: ☑️
- Name ID Format: EMAIL
- Name ID: Basic Information -> Primary Email
Microsot Entra ID
Add an entry on "Enterprise Applications", and create using "Create your own application". The selection option should be "Integrate any other application you don't find in the gallery (Non-gallery)".
Once created, go to "Setup Single-Sign-on" and "SAML". and on the Basic SAML Configuration setup the following:
- Identifier (Entity ID):
https://nuclia.cloud/api/auth/saml - Reply URL (Assertion Consumer Service URL):
https://gcp-global-dev-1.nuclia.io/api/auth/saml/acs
Then on the Attributes and Claims section, make sure the "Unique User Identifier" is set to
- source attribute:
user.mail - Name identifier format:
Email address
And the data you need for Nuclia setup is:
- Certificate (Base64) --> our X.509 Certificate
- Microsoft Entra Identifier --> our Entity ID
- Login URL --> our Single Sign-On URL