How to Set Up SAML SSO

Blameless offers SAML integration with various identity providers to support Single Sign On (SSO). Please contact your Blameless Customer Support Manager (CSM) to confirm if your Identity Provider (IdP) is supported.


If Google / GSuite is your IdP, Blameless can offer SSO through GSuite as well as a Google Authentication Login into the Blameless platform. Please contact your CSM for more info.

Creating a SAML Application in your Identity Provider (IdP)

  1. Log into your IdP (Okta, OneLogin, etc.)

  2. Create a new SAML application for Blameless within your IdP.

  3. Configure the app with the SSO URL and Audience URI (or Entity ID) provided by Blameless.


Please contact your Blameless CSM to obtain the values for the SSO URL and Audience URI to configure with your created SAML application.


Enabling SSO in Blameless

Once the SAML application is set up in the customer's IdP, the Blameless team will need to finish the configuration in Blameless' auth provider. Provide your Blameless CSM with the IdP SSO URL and the X.509 certificate.


Certificate Format

Ensure that the X.509 certificate is sent in a _.pem_ or _.cer_ file format.

The Blameless team will enable SSO when the configuration is complete. Your Blameless CSM will let you know when SSO is enabled. Users will be able to access Blameless using SSO from both navigating directly to the Blameless login page (service provider initiated flow) or by selecting the Blameless application from your IdP.