These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and Spotinst.
Login to ADSelfService Plus as an administrator.
Navigate to Configuration → Self-service → Password Sync/Single Sign-on.
Search for Spotinst and select it.
Click Download SSO Certificate link in the top-right corner of the screen.
Spontinst (Service Provider) configuration steps
Login to Spotnist with an administrator’s credentials.
Click on the Avatar icon..
Navigate to Settings → Security tab → Select Identity Provider
Enable SAML and Select Provider type as SAML.
You can upload the metadata file in the respective field. (Refer Step 5 of Prerequisite).
Select Viewer as the user default role.
ADSelfService Plus (Identity Provider) configuration steps
Now, switch to ADSelfService Plus’ Spotinst configuration page.
In the Domain Name field, enter the domain name of your email address. For example, if you use firstname.lastname@example.org to log in to Spotinst, then spotinst.com is the domain name.
Enter a Description for the connection.
In the Available Policies field, click on the drop-down box and select the policies for which you wish to enable single sign-on.
Click Save and log out of ADSelfService Plus.
For Spontinst, only SP initiated flow is supported.