Skip to content

SAML Management (via CLI)

The Coralogix CLI tool allows management of SAML SSO configuration by admin users. Actions supported on the CLI include viewing, initializing, activating, and deactivating SAML configuration. This capability makes it possible for SAML integration to be automated using scripts or other provisioning tools.

This tutorial will guide you on how to manage the SAML integration using the CLI tool.

Notes:

  • If you intend to follow this integration with our SCIM integration, delete any existing users before the SCIM integration is applied. If necessary, leave one admin user.

  • Upon completion of the SCIM integration, recreate all users through SCIM.

Getting started

  1. Install the latest version of the Coralogix CLI

  2. Teams API key (Fetch this from Account -> Settings -> API access)

  3. User must have an admin role.

Environment variables

ExampleCommand
CORALOGIX_SAML_API_KEYTeams API key

Note: When the environment variable is set, --api-key (-k) becomes an optional argument when using the tool.

Commands

details

This command displays SAML configuration for:: your Team.

activate

This command will activate SAML on your Team.

deactivate

This command will deactivate SAML on your Team.

init

This command will initialize SAML on Coralogix with metadata file from the IdP.

Note: Initializing SAML does not activate it. For SSO authentication to work, SAML needs to be activated (using activate command).

add-entity-id

This command adds your team-id to the SP Entity URL. 

This will help uniquely identify the Coralogix SP on the IdP (required when you are configuring SAML for multiple teams with the same Identity Provider).

remove-entity-id

This command removes team-id from the SP Entity URL

generate-provisioning-token

This command generates the provisioning token

remove-provisioning-token

This command removes the provisioning token

Examples

Note: Examples below assume the api-key is provided as an environment variable.

ExampleCommandDescription
cxctl saml --region detailsdetailsView SAML configuration details
cxctl saml --region eu activateactivateActivate SAML for your team hosted on the EU cluster
cxctl saml --region eu deactivatedeactivateDeactivate SAML for your team hosted on the EU cluster
cxctl saml --region eu init /path/to/IdP-metadata.xmlinitInitialize SAML for a team hosted on eu cluster using the metadata file from your IdP
cxctl saml --region eu init /path/to/IdP-metadata.xml --add-entity-id --provisionTokeninit- Initialize SAML for a team hosted on eu cluster using the metadata file from your IdP.
- Append team-Id to the SP Entity-Id URL.
- Generate a provisioning token.
cxctl saml --region eu add-entity-idadd-entity-idAdd entity-id to the service provider
cxctl saml --region eu remove-entity-idremove-entity-idRemove entity-id from the service provider
cxctl saml --region eu generate-provisioning-tokengenerate-provisioning-tokenGenerate provisioning token
cxctl saml --region eu remove-provisioning-tokenremove-provisioning-tokenRemove provisioning token

Options

FlagsDescriptionMandatory / Optional
--region region
-r region		Coralogix cluster hosting your account. Options available are:
eu (EU1)
se (EU2)
us1 (US1)
us2 (US2)
in (API1)
sg (AP2)		Mandatory when not using --custom-endpoint
--api-key api-key
-k api-key		Teams API key from your account settingsOptional when the CORALOGIX_SAML_API_KEY environment variable is set
--custom-endpoint URLURL to your Coralogix API endpoint. (Applies for customers with private-link integrations.)Mandatory when --region is not provided
--add-entity-idAdd entity-id when the init sub-command is executedOptional flag supported by the init sub-command only
--provisionTokenGenerate the provisioning token when the init sub-command is executedOptional flag supported by the init sub-command only
--helpDisplay help text
Previous Previous Team Management (via CLI)
Next RUM CLI Next
Home
User Guides User Guides
Integrations Integrations
OpenTelemetry OpenTelemetry
Developer Portal Developer Portal