Hub as SAML Identity Provider for Artifactory
Last modified: 09 November 2023Before you start, verify the following prerequisites:
You mast have administrator privileges in both Artifactory and Hub.
You must have the SSL certificate that is packed into the
.p12
keystore that is set up for SAML connection in Hub.
To configure SSO for Artifactory with Hub as IdP:
Log into Artifactory with administrator privileges. Open Admin module > Security > SAML SSO.
Enable the SAML integration and provide the following parameters:
Parameter
Description
SAML Login URL
Paste the content of the Sign In URL field on More Settings > SAML2.0 > Settings page of the Hub server.
SAML Logout URL
Paste the content of the Sign Out URL field on More Settings > SAML2.0 > Settings page of the Hub server.
SAML Service Provider Name
Set up the service provider name of Artifactory by which it should be recognized in Hub. Use the domain name of your Artifactory instance.
SAML Certificate
Paste the content of the certificate that you packed into the
.p12
keystore that is set up for SAML connection in Hub.Configure options related to processing unknown user accounts by Artifactory. We recommend that you enable the Auto Create Artifactory Users option.
Save the configuration.
Configure Custom URL Base of your Artifactory. Refer to the Artifactory documentation for details.
In Hub, select SAML 2.0 from the Access Management section of the Administration menu.
Select the Registered Service Providers tab.
Click the Register service provider button.
In the dialog, provide the following parameters of the Artifactory service:
Parameter
Description
Name
Enter a name to be displayed for the Artifactory service in Hub.
Issuer
Use the name of your Artifactory service. If you use the Cloud version of Artifactory, enter the name in the format
<accountname>.artifactoryonline.com
.Description
Optionally, enter a description of the Artifactory service.
Consumer URL
Enter the Assertion Consumer Service (ACS) URL of your Artifactory service. General format of the URL is:
<Custom Base URL>/webapp/saml/loginResponse
Hub should send
LogoutResponse
Make sure that the option is disabled.
Thanks for your feedback!