Okta Authentication for FireHydrant Status Pages
With FireHydrant's status pages, you have the option of locking them behind your SSO provider so that only employees or other organization members can access them.
Prerequisite: You'll first want to configure the status page by creating it and then setting up the CNAME records. Once the page is created and accessible, you can start working through these instructions to lock it behind authentication.
Note: We currently only support SAML 2.0 for SSO-authenticated status pages. In addition, this limits access to anyone in your organization who can login via SSO and is not limited to only users with FireHydrant licenses.
First, you'll want to create a SAML 2.0 application in your provider.
- When selecting the type, choose SAML 2.0.
- Provide a descriptive name for your application, such as "Internal Status Page."
For configuring the SAML, use the information below to populate the SAML settings and attribute mappings, where <custom domain> is the custom domain for your status page.
|Single sign-on URL||https://<custom domain>|
|Use this for Recipient URL and Destination URL|
|Audience URI||https://<custom domain>/auth/dex/callback|
|Default RelayState||-leave blank-|
|Name ID format||Unspecified|
|Application username||Okta username|
|Update application username on||Create and update|
|Other Requestable SSO URLs*||https://<custom domain>/auth/dex/callback|
- *Click on
Show advanced settingsto display this box
On the Feedback screen, ensure that you specify you’re creating an internal application, otherwise Okta may reach out about publishing the app in their marketplace.
Once the above is finished, download the Identity Provider Metadata XML, and then attach it when opening a support ticket.
Your support representative will complete the setup with you from there.
- Learn how to use your new FireHydrant statuspage.