Single sign-on for private pages allows you to completely lock down your status page to employees only and have them authenticate with existing SSO credentials to both view the page and subscribe to notifications. Statuspage officially supports several identity providers and can integrate with any IdP that speaks SAML 2.0. Below, we list out our supported partners and how to set up a custom SAML application outside of our supported partners.

Note: Single sign-on for private pages comes with all private status pages. The number of SSO page viewers is dependent upon your private page plan.

Supported identity providers setup documentation:

  1. Setting up Okta for SSO Employee Viewers
  2. Setting up OneLogin for SSO Employee Viewers
  3. Setting up PingOne for SSO Employee Viewers
  4. Setting up Bitium for SSO Employee Viewers
  5. Setting up ADFS for SSO Employee Viewers

Set up SAML for page viewers

Note: We do not officially support signed Assertions from ADFS.

The following tutorial will take you through creating a custom SAML application to integrate with Statuspage SSO for Employee Viewers. We'll be creating a custom application within Okta for demonstration purposes. Keep in mind that these steps may differ slightly depending on your IdP setup.

  1. Click Your page in the left sidebar.

  2. Click Authentication from the second menu that opens in the left sidebar.
  3. Click Configure next to SAML.

  4. Scroll down to Using SAML. On top of this form, you'll see two values; ACS URL / Consumer URL and EntityID/Audience URI. These values will be needed within your IdP.

    • Alternately, you can click on service provider metadata XML file for this Organization to see the raw SAML metadata.

     

Continue setup within OneLogin
  1. Click Add App in the top right corner of the page

  2. Search for Statuspage.

  3. Click the app to get started.

  4. Change Display Name or leave as-is.

  5. Select the radio button for SAML 2.0 in the Connectors field.

  6. Click Save in the top right corner of the page. You'll be brought to your Statuspage app's configuration dashboard.

  7. Click the Configuration tab. You'll see a field for Statuspage.io Entity ID. Remember the EntityID field in your Statuspage admin? You'll enter that value here.

  8. Finally, we'll need to get some data from OneLogin to complete setup in your admin within Statuspage. In OneLogin, click on the SSO tab, and look for the fields X.509 Certificate and SAML 2.0 Endpoint (HTTP). You'll need both of these values.

 

To get the certificate's value, click on 'View Details', and click the copy button above the certificate's field:

  1. Click Save before heading back to Statuspage.

Finish setup in Statuspage
  1. Navigate back to your SSO Controls in your Statuspage management interface.

  2. Click your user menu (avatar) in the bottom left of any Statuspage screen.

  3. Click User management.

  4. Click on the Single sign-on tab to access your SSO settings.

  5. Fill in the SSO Target URL field with the SAML 2.0 Endpoint (HTTP) value, provided by OneLogin.

  6. Fill in Certificate with the corresponding value from OneLogin. Be sure to include the header and footer lines when pasting your X.509 Certificate!

  7. Click Save Configuration, and your application is now configured to use single sign-on.

Assigning users to your application

Now that your application is configured, all you have to do is assign users to it so that you can access the app.

  1. Return to the OneLogin admin portal for this application

  2. Click Users. Here you'll see a list of available users that you can grant access to your app:

3. When you click a name, you'll see a modal appear that will allow you to manage this user's access. When you're done, click Save, and the settings will be applied!

You've just enabled single sign-on for your Statuspage account. You can still login through Statuspage, and also through your list of available Apps on OneLogin.