SSO User management

Hi, I have a question regarding user creation and access management when using saml authentication.

How can we manage/assign roles and ensure only specific users we create can access our account?
Would we be able to use saml AND normal authentication?

Hi @stefan.coetzer1

Follow the URL and let’s see if you are doing the same.
To setup SSO: https://docs.newrelic.com/docs/accounts/accounts/saml-single-sign/set-sso
To add a user: https://docs.newrelic.com/docs/accounts/accounts/saml-single-sign/add-users-saml-accounts

Thanks, I have the SSO set up and tested so it’s working, the user creation makes sense.

Once we enable SAML, will normal user authentication still work?

Hey @stefan.coetzer1 - No, currently New Relic only supports one authentication method per account. If SSO is enabled, it is enforced for ALL users.

Thanks.

Will the currently active users be converted to SSO users and be sent a confirmation email?
I’m assuming the Owner will stay active so that the Owner account can log in should anything go wrong?

So yes! When SSO is enabled, all existing users are switched to a ‘pending’ state. They can’t log in at that point until they verify themselves via an email NR sends at the time SSO is enabled.

When SSO is enabled, the owner does need to also authenticate via SSO.

There are 3 steps to enabling SSO:

Configure > Test > Enable

The test phase allows the owner to validate that they can authenticate to the account via SSO. They cannot enable SSO if this fails.

So you are safeguarded from there being an issue, at least with the owner, after enablement.

1 Like