Sumo Logic

Sumo Logic offers both IdP-initiated SAML SSO (for SSO access through the Admin Portal) and SP-initiated SAML SSO (for SSO access directly through the Sumo Logic web application). You can configure Sumo Logic for either or both types of SSO.

Sumo Logic requirements for SSO

Before you configure the Sumo Logic web application for SSO, you need the following:

  • An active Sumo Logic account for your organization.

  • An Assertion Consumer Number ID assigned by Sumo Logic.

  • A signed certificate.

  • You can either download one from Admin Portal or use your organization’s trusted certificate.

  • Contact information for Sumo Logic support (to enable and test the SSO feature on your account).

Adding Sumo Logic in Admin Portal

Configuring Sumo Logic for single sign-on

The following steps are specific to the Sumo Logic application and are required in order to enable SSO for Sumo Logic. For information on optional configuration settings available in the Centrify Admin Portal, see Optional configuration settings.

Sumo Logic Specifications

Each SAML application is different. The following table lists features and functionality specific to Sumo Logic.

Capability

Supported?

Support details

Web browser client

Yes

 

Mobile client

No

 

SAML 2.0

Yes

 

SP-initiated SSO

Yes

 

IdP-initiated SSO

Yes

 

Force user login via SSO only

No

Username-password login remains available after SSO is enabled.

Separate administrator login
after SSO is enabled

No

 

User or Administrator lockout risk

No

 

Automatic user provisioning

Yes

Log in to https://service.sumologic.com as Administrator and go to Manage > Security to configure On Demand provisioning.

Multiple User Types

Yes

Admin user

End users

Self-service password

Yes

Users can reset their own passwords. Resetting another user’s password requires administrator rights.

Access restriction using a corporate IP range

Yes

You can specify an IP Range in the Admin Portal Policy page to restrict access to the application.