Try Vultr Today with $50 Free On Us!

Get Started Now

Single Sign-On

Published on: Thu, Jan 24, 2019 at 11:44 am EST
FAQ

Your corporate login system can be integrated with Vultr's account system by using the Single Sign-On (SSO) feature. SSO helps simplify password management when managing accounts, which is useful for organizations that have employees or contractors.

Just want to login? Visit the SSO login page.

How it works

SSO is managed on your main Vultr account. Once enabled, account users will authenticate through your SSO provider. Your main Vultr account is used to create account users and grant them permissions. Password login for your account users is disabled. To log in, your account users must access the SSO login page, enter their email address, then login through your organization.

Compatibility

SSO on Vultr is made available through OpenID Connect. Your login provider would need to be compatible with OpenID Connect. Example compatible services include:

Other authentication technologies, such as SAML, are not currently supported.

Enabling SSO with OpenID

Log into the main Vultr account that you want to use to manage SSO. Navigate to the Account/Users page. Follow the wizard in the "Single Sign-On" area.

You will need the provide the following pieces of information:

  • OpenID Provider URL
  • OpenID Client ID
  • OpenID Client Secret

Example Integration with Okta

  • Sign into your Okta Admin panel.
  • Under Applications, click on "Add Application", then "Create New App".
  • Select "Web" as the Platform, and "OpenID Connect" as the "Sign on method".
  • Enter https://my.vultr.com/openid/ as both the "Login redirect URI" and "Logout redirect URI".
  • Click Save.
  • Make sure to assign your users to the application via the "Assignments" tab.
  • Save the Client ID and Client secret from the General tab.

Next, return to the Account/Users page page on Vultr and begin the SSO setup.

  • OpenID Provider URL: https://<yourdomain>.okta.com/
  • OpenID Client ID: <Client ID>
  • OpenID Client Secret: <Client Secret>

Click "Enable SSO". Account users can now login on the SSO login page.

Example Integration with Google Accounts

Google Accounts will allow you to use GMail addresses for your account users. Your users must not have previously signed up to Vultr with their GMail address, otherwise adding them as an account user will not work.

First, you'll need to setup OpenID connect on Google.

  • Sign into the Google API Console.
  • Create a project in Google Cloud. We'll call it "Vultr Login".
  • Navigate to the "APIs" / "Credentials" section.
  • Create credentials for a new "OAuth client ID".
  • You will be prompted to give your application a name on the OAuth consent screen. This name is shown upon login.
  • Resume creating credentials for a new "OAuth client ID".
  • For "Application Type", choose "Web Application". You will be prompted for several fields.
  • Authorized JavaScript origins:
  • https://my.vultr.com
  • Authorized redirect URIs:
  • https://my.vultr.com/
  • https://my.vultr.com/openid/
  • Jot down the "Client ID" and "Client Secret" provided by Google.

If needed, additional documentation from Google is available here.

Next, return to the Account/Users page page on Vultr and begin the SSO setup.

  • OpenID Provider URL: https://accounts.google.com/
  • OpenID Client ID: <Client ID>
  • OpenID Client Secret: <Client Secret>

Click "Enable SSO". Account users on your account with email addresses ending in "@gmail.com" can now login on the SSO login page.

Want to contribute ?

You could earn up to $300 by adding new articles!

Get started in the SSD Cloud!