Sumo Logic

Sumo Logic offers both IdP-initiated SAML SSO (for SSO access through the Admin Portal) and SP-initiated SAML SSO (for SSO access directly through the Sumo Logic web application). You can configure Sumo Logic for either or both types of SSO.

Sumo Logic requirements for SSO

Before you configure the Sumo Logic web application for SSO, you need the following:

  • An active Sumo Logic account for your organization.

  • An Assertion Consumer Number ID assigned by Sumo Logic.

  • A signed certificate.

  • You can either download one from Admin Portal or use your organization’s trusted certificate.

  • Contact information for Sumo Logic support (to enable and test the SSO feature on your account).

Adding Sumo Logic in Admin Portal

Configuring Sumo Logic for single sign-on

The following steps are specific to the Sumo Logic application and are required in order to enable SSO for Sumo Logic. For information on optional configuration settings available in the Centrify Admin Portal, see Optional configuration settings.

Sumo Logic Specifications

Each SAML application is different. The following table lists features and functionality specific to Sumo Logic.



Support details

Web browser client



Mobile client



SAML 2.0



SP-initiated SSO



IdP-initiated SSO



Force user login via SSO only


Username-password login remains available after SSO is enabled.

Separate administrator login
after SSO is enabled



User or Administrator lockout risk



Automatic user provisioning


Log in to as Administrator and go to Manage > Security to configure On Demand provisioning.

Multiple User Types


Admin user

End users

Self-service password


Users can reset their own passwords. Resetting another user’s password requires administrator rights.

Access restriction using a corporate IP range


You can specify an IP Range in the Admin Portal Policy page to restrict access to the application.