SAML Configuration

Birst can integrate with Security Assertion Markup Language (SAML) 2.0 for Identity Provider (IdP) initiated access. Birst supports using SAML for authentication, including passing session-scoped parameters and just- in-time user provisioning. Birst supports SAML providers such as Okta, OneLogin, date for JIRAPing Identity, and Site Minder.

To configure Birst for a SAML Identify Provider (IdP), obtain this information:

Birst SAML endpoint
For the Appliance, the URL is similar to: https://fqdn/SAMLSSO/Services.aspx
For the Birst Cloud, the URL is similar to: https://login.bws.birst.com/SAMLSSO/Services.aspx
IdP certificate file
IdP issuer ID / entity ID
For an SP-Initiated SAML configuration, the IdP may need to know the entity ID of the Service Provider. When you configure SAML in Birst, there is the SP entity ID field generated by Birst. It looks like https://www.birst.com/<SAML_CONFIG_ID>. Use that SP entity ID in the IdP configuration settings.

Optional settings:

Key pair for SAML assertion encryption. Birst Support provides guidance for generating the pair.
Idle timeout value in minutes.
Logout URL for a custom page displayed after a timeout.
Error URL for a custom error page displayed after an error.