Single sign-on FAQs
Does Glance act as a SAML Identity Provider?
No. Glance acts as a Service Provider, also known as a Relying Party.
Can I configure single sign-on for only a few users in my account (my group)?
No. SAML configuration at Glance is done on a per-group basis.
It may be possible to configure your Identity Provider (or Active Directory / Federation Services) to only allow Glance access to certain groups of people in your enterprise.
How do I require my users to use single sign-on, and prevent them from logging in to Glance directly?
- Visit the Settings tab of the Account Management page.
- Go to the Password Requirements panel.
- Choose the Subscribers with no passwords
may not create their own passwords
option. - Press Save Changes.
Is single sign-on secure?
Yes. Glance, like all SAML 2.0 service providers, uses industry-standard cryptographic security. Read more here. Glance requires cryptographically signed (authenticated) SAML, and can use encrypted SAML.
What happens if single sign-on fails for some reason? Can I still get into my Glance account?
Yes. To do this, configure a password for an account with administrative privileges. Then log in to Glance with your username and password. Please don’t hesitate to contact Glance Customer Success if you need help.
How do I change my X.509 public key?
If your SAML Identity Provider’s private key changes, you need to change the public key you provisioned in Glance. Read this for instructions.