SAML
Required setup
To create your SAML integration, follow these steps:1
Domain
Let the Ghost team know your company domain - e.g.
company.com.2
SAML Settings
The Ghost team will provide you with a unique SSO URL and Entity ID.
The SSO URL will be in a format like https://app.ghostsecurity.ai/auth/saml/acs/<UUID>. Depending on your platform, this may also be referred to as the Assertion Consumer Service URL or ACS URL.
The Entity ID will be in a format like https://app.ghostsecurity.ai/auth/saml/metadata/<UUID>. Depending on your platform, this may also be referred to as the Audience URI.
Enter these values when configuring your SAML application for Ghost.
3
Constraints
Next, set the Name ID and Application username values.
Set the Name ID format to: EmailAddress
Set the Application username to: Email
name and role attributes:
1
Name
Set the
name attribute to user.firstName.2
Role
Set the
role attribute to user.ghost_role.Final setup
1
Metadata URL
Provide the Metadata URL generated by your IdP to the Ghost team. It will be a URL in a format like
https://<idp-provider>.com/app/yourappid/sso/saml/metadata. 2
Assign users
Assign the appropriate users to your SAML application so they can login to the Ghost platform.