Bugfender can establish a trust relationship with your Identity Provider for a given domain. Users can use your company's Single Sign-On system and seamlessly work with Bugfender without needing a password.
For example, if your domain is yourcompany.com, Bugfender can trust your SSO system to authenticate all emails in the @yourcompany.com domain.
Bugfender works with all SAML-enabled Identity Providers, including:
If your SAML provider is not listed here, don't worry; chances are it is supported anyway. There are a million implementations of SAML, each one with its own quirks! 😉. Contact us and we will be happy to test it together with you.
Mandatory or Optional
Logging in with your Identity Provider can be mandatory or optional:
Mandatory: useful if you want to establish your Identity Provider as the source of truth for who is able to log in to your company's resources.
Optional: useful as an alternative to password login and while testing your Identity Provider integration. In this mode, password login still works, and therefore someone who has been removed from your Identity Provider will still have access to the account via password.
Automatic provisioning and de-provisioning
When a user from your domain creates an account in Bugfender, it will be linked with your Identity Provider automatically. However, this will not grant any additional permissions automatically. If you want to collaborate with someone on a team, you still must invite them and specify the permissions you want for them.
If you make logging in with your Identity Provider mandatory, users de-provisioned from your Identity Provider will not be able to log in to Bugfender either.
If you would like to authenticate your domain with SAML, please get in touch with us. You will need to provide the following information:
The name of the domain(s) you want to authenticate with SAML, for example, yourcompany.com.
The SAML metadata URL of your Identity Provider.
During the setup of your Identity Provider you will need the metadata URL of Bugfender:
Once you provide this information, we'll follow together the following steps:
Verify the ownership of the domain
Set up the SAML connection between your Identity Provider and Bugfender
Test the login using the Identity Provider
(Optionally) Make your Identity Provider the authoritative source for logins on your domain, removing the possibility of logging in in other ways
Bugfender requires SAML responses to assert:
The user's email address:
The user's name:
Attribute mappings for Ping Identity
Please set up the mappings like this:
Bindings setup for JumpCloud
Please configure your IdP to accept
HTTP-POST bindings are not supported at the moment (they might be eventually).