Configuring SAML SSO for Datadog
These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and Datadog
Prerequisite
-
Log in to ADSelfService Plus as an administrator.
- Navigate to Configuration → Self-Service → Password Sync/Single Sign On → Add Application, and select Datadog from the applications displayed.
Note: You can also find Datadog application that you need from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
-
Click IdP details in the top-right corner of the screen.
- In the pop-up screen that appears, click Download Metadata and save the XML file. We will need this file in a later step.
Datadog (Service Provider) configuration steps
-
Now, log in to your Datadog administrator account.
-
Click on your profile picture present at the bottom left corner.
-
Click Settings.
-
Click Go to organization settings and select the Configure SAML tab.
-
Click Enable and upload the metadata file you had saved in Step 4 of Prerequisite.
-
When you enable SAML, a single sign-on URL will be displayed. Note down the URL. This will serve as the SAML Redirect URL while configuring Datadog with ADSelfService Plus.
ADSelfService Plus (Identity Provider) configuration steps
- Now, switch to ADSelfService Plus’ Datadog configuration page.
-
Enter the Application Name and Description.
-
In the Assign Policies field, select the policies for which SSO need to be enabled.
Note:ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
-
Select Enable Single Sign-On.
-
Enter the Domain Name of your Datadog account. For example, if you use johndoe@thinktodaytech.com to log in to Datadog, then thinktodaytech.com is the domain name.
-
In the SAML Redirect URL field, enter the URL you had copied in Step 6 of Datadog configuration.
-
In the Name ID Format field, choose the format for the user login attribute value specific to the application.
Note: Use Unspecified as the default option if you are unsure about the format of the login attribute value used by the application.
-
Click Add Application.
Your users should now be able to sign in to Datadog through ADSelfService Plus.
Note:
For Datadog, both IdP-initiated and SP-initiated flows are supported.