SAML SSO

Learn how to get setup for Security Assertion Markup Language (SAML) in Mezmo, the easiest, fastest cloud log management and analysis software.

This documentation provides the setup instructions for Security Assertion Markup Language (SAML) single sign-on.

📘

LogDNA EnterpriseLogDNA Enterprise
This feature is only available for customers on an Enterprise plan, and is restricted to Owner and Admin user roles. Please contact your Customer Support Manager or [email protected] for more information.

After SAML is enabled, you will need to configure your Identity Provider (IdP) settings in Mezmo.

Step 1: Go to Settings > Team.
Step 2: Click on Settings tab on the side to switch the view to Sign In settings for your app.
Step 3: You can either drop your metadata from your IdP OR manually set up the fields by clicking on configure manually. Mezmo requires Identity Provider Sign-in URL and X.509 certificate fields from your IdP for a successful configuration.

Step 4: Confirm fields and click on Save Config button. All set!

OneLogin Setup

If you're using OneLogin as your IdP, here's how you can set it up on OneLogin's side and obtain Identity Provider Sign-in URL and X.509 certificate fields for Mezmo;

1. Head to your organization's OneLogin. Click on Apps > Add Apps

2. Search for SAML in the Find Applications section. Select SAML Test Connector (IdP w/attr) from the search result.

3. Update the Display Name, and click SAVE.

4. Under Configuration Tab, enter your Mezmo Single Sign on URL under ACS (Consumer) URL Validation and ACS (Consumer) URL.
Mezmo Single Sign on URL can be found on your Mezmo app. You can find it on Settings > Team Members > Settings tab, under SAML configuration section. Copy this URL.

Paste that URL in your OneLogin Configuration tab under ACS URL Validator and ACS URL sections.

5. Keep Parameters and Rules tabs as it is unless you have a special setup. Move to SSO tab.
Make sure you select SAML Signature Algorithm -> SHA-256

6. Modify other tabs if needed and click SAVE button

Now, depending on how you want to proceed with Mezmo SAML Configuration;

- You can either click on MORE ACTIONS > SAML Metadata to download the metadata XML and drop it on Mezmo SAML Configuration to let Mezmo grab the information needed.

- Or you can configure it manually via the using your OneLogin SAML connector's SSO tab information.
Identity Provider sign-in URL in Mezmo configuration page corresponds to SAML 2.0 Endpoint (HTTP) under OneLogin SSO tab. For X.509 certificate, you need to download it from OneLogin and upload it Mezmo (please make sure that it's a .pem file)

Click on Save Config. All set!

Okta Setup

If you're using Okta as your IdP, here's how you can set it up on Okta's side and obtain Identity Provider Sign-in URL and X.509 certificate fields for Mezmo;

1. Head to your organization's Okta. Click on Applications > Add Application, then click on Create New App

2. on Create a new Application Integration window, choose Platform: Web and Sign on Method: SAML 2.0. Hit Create.

3. Fill out the information under General Settings Tab, click Next.

4. Under Configure SAML; Use the Single Sign on URL from Mezmo under Single sign on URL in Okta. Audience URI (SP Entity ID) is mezmo-saml/[accountID].
Note: account ID can be seen in the URL when you log in to your Mezmo account. Here's our URL format: https://app.mezmo.com/[accountID]/logs/view

5. Fill out the Feedback tab and Click on Finish

6. You will be redirected to the Application's detail. On Sign On tab, Okta will provide you the necessary information to set up on Mezmo SAML Configuration in order to complete the SAML integration.

Now, depending on how you want to proceed with Mezmo SAML Configuration;
You can either click on View Setup Instructions or Identity Provider metadata.

- You can click on View Setup Instructions you will have the access to individual fields to use for your Mezmo Configuration (if you want to proceed with the manual configuration).
On the Okta Application's SAML configuration page;
Copy the Identity Provider Single Sign-on URL and paste it to your Mezmo Identity Provider Sign-in URL field.
Click on Download certificate to save the Okta SAML certificate and use it on your Mezmo X.509 certificate field.

- Or, you can save Identity Provider metadata from Okta and drop the metadata XML to let Mezmo configure your SAML automatically for you.

Please confirm the fields and click on Save Config. All set!