⭐️ SAML SSO is available on Enterprise plans.
Microsoft's Active Directory has been a long time the standard for managing an enterprise's users and their access permissions, and Azure Active Directory is its direct cloud counterpart. k6 Cloud integrates with Azure AD to provide organizations with a compliant way to handle on- and offboarding of team members to the service.
To setup Azure AD SAML SSO based authentication to k6 Cloud you must have:
Navigate to https://portal.azure.com/.
Log in to Azure and go to "Azure Active Directory" tab.
Select the "Enterprise applications" service.
Click on the "New application" button.
Select "Non-gallery application".
Give the application a name, e.g. k6 Cloud.
When your application has successfully been added, click "Set up single sign on" (or the equivalent "Single sign-on" link in the left menu):
Click "SAML" to enable it:
Edit "Basic SAML Configuration":
Property Value Identifier (Entity ID) https://api.k6.io/sso/acs/ Reply URL (Assertion Consumer Service URL) https://api.k6.io/sso/acs/ Logout Url https://app.k6.io/account/logout
Edit "User Attributes & Claims":
Setting the following user attributes (and clearing the "Namespace" property for each attribute):
Attribute Value Unique User Identifier user.userprincipalname user.email user.userprincipalname user.username user.userprincipalname user.first_name user.givenname user.last_name user.surname token An unique token that you'll be provided with by the k6 Cloud support team.
Copy the "App Federation Metadata Url" and send it to k6 Cloud support for completion of the setup.
Also, edit "SAML Signing Certificate" and set the "Signing option" to "Sign SAML response and assertion":
Before moving to the final step of testing the integration, make sure you've added the appropriate users and groups to the application in Azure AD:
Once you've gotten confirmation from k6 Cloud support that your account is ready we advise you to test the integration by clicking the "Test" button in Azure AD: