Configuring SAML for Cloudbees
REQUIRED ACCOUNT/PERMISSION LEVEL
Bitium: All account levels; must be an admin to set up
Cloudbees: Must be an admin to set up
Before you can use SAML with Cloudbees, you’ll need to add the TXT record in your DNS with value cloudbees-domain-verification:(xxxxx).
According to Cloudbees, DNS propagation can take 24 hours if not more. You will also need to reach out to Cloudbees and ask them to validate your domain, prior to setting up SAML.
Go to “Manage Apps.”
Select “Cloudbees” from the list of installed apps.
Select the “Single Sign-On” tab.
From the dropdown, select “SAML Authentication.”
Leave your Bitium window open and continue in a new tab.
Log into your Cloudbees admin account.
Click on the “Settings” gear icon in the top right corner.
Under Account Tools, click on the SAML SSO tab.
In Bitium & Cloudbees:
- In Bitium, fill in the name of your account in the “Account ID” field.
- In Cloudbees, fill in the “Authentication Domains” field with the domains of users you would like to be able to authenticate into your account.
- From Bitium, copy the “Login URL.” Paste this into the “Remote Login URL” field in Cloudbees.
- From Bitium, copy the X.509 Certificate. Paste this into the “New Certificate” field in Cloudbees.
- For the “Provision User” dropdown, select whether you would like a new user account to be created by JIT provisioning when a user authenticates via saml for the first time. This means that you can provision users by having the app set up with SAML and assigning them in Bitium. If you do not want this feature, choose no.
- Click continue in Cloudbees.
- In Bitium, go back to the Single Sign-On tab for Tableau and click the “Save Changes” button.
SAML Enabled will be illuminated in green once completed.