How to set up SSO with Authentik
Scaleway supports Identity Federation to provide your teams with secure access to their accounts via SAML Single Sign-On.
Follow the steps below to set up Identity Federation for your Organization through SAML at Scaleway.
Before you start
To complete the actions presented below, you must have:
- A Scaleway account logged into the console
- Owner status or IAM permissions allowing you to perform actions in the intended Organization
- Authentik instance and user allowing you to perform admin actions.
Create a new Identity Provider
On Scaleway console
- Go to your security settings.
- Scroll to the Configure Identity Federation section.
- Click Set up SAML SSO. A pop-up appears.
- Click Start
- Open another tab to start IdP configuration on Authentik.
On Authentik
- Look for Applications in your sidebar and click to open Providers section.
- Click Create. A pop-up appears.
- Choose SAML provider type.
- Click Next.
- Fill the configuration form.
- Name: "Scaleway IDP"
- ACS URL: Assertion consumer service (ACS) URL (from Scaleway tab)
- Issuer: Scaleway Entity ID (from Scaleway tab)
- Service Provider Binding: Select Post
- Advanced protocol settings
- Signing Certificate: Select authentik Self-signed Certificate
- Toggle Sign assertions and Sign responses on
- NameID Property Mapping: Select authentik default SAML Mapping: Username
- Click Finish
- Click on your newly created Provider in the list.
- Click the Create button below Assigned to application. A pop-up appears.
- Fill the configuration form.
- Name: "Scaleway"
- Provider: Select Scaleway IDP
- Click Create
- Click to download the metadata file in the Related objects section
- Go back to the Scaleway Console tab.
On Scaleway console
- Upload the metadata file using the Download metadata button.
- Click Submit. A pop-up appears.
- If you are sure that you don't use OAuth2 SSO, click Confirm
Once setup is complete, members can log in via SAML.
See Also
Still need help?Create a support ticket