Introducing SAML-Based SSO Authentication: More Security, Easier Login
Security and administration features are undoubtedly a huge part of your team’s success. The better Sentry fits into your existing systems and management workflows, the better your experience will be. That’s why we’ve made advanced SSO authentication with SAML 2.0 available to all organizations on our Sentry Enterprise plan. SAML is the next step in our commitment to helping you ensure extensibility and governance, eliminate security vulnerabilities, and streamline adoption and use across your entire organization.
Our new integrations with SAML providers OneLogin, Auth0, and Okta are the best way to deliver seamless, auditable, and secure identity management for all your Sentry users:
Security & Compliance: SSO makes creation and enforcement of password policies more programmatic and unified across applications. Access logging is also easier, as is granting or removing permissions to different apps as compliance protocols change. Meanwhile, SAML makes it a snap to deny or revoke the credentials of any random weirdo that comes along to pose a threat.
Management & Administration: Deployment and oversight typically become challenging as your services and users increase. This is particularly true for product teams that prioritize monitoring and observability, since demand for tools can be pretty fluid. SAML removes some of that complexity from identity provision and management and helps admins focus on value-added activities like analytics and wine pairings for each app.
Access & Continuity: SAML makes it easier for your entire team to get the most from Sentry alongside the other tools in your development stack. A single password that takes advantage of existing LDAP or Active Directory support means access will be smoother and more secure than ever for your developers, SREs, and product managers, anywhere and on any device (although probably not a Fire Phone or Hipstreet Tablet).
Sentry’s Medium and Large plans also offer an integration with Rippling, which makes onboarding and offboarding users to your Sentry org much easier and more secure.
“We’re seeing growing adoption of automated error tracking solutions like Sentry, as organizations become more serious about how exception monitoring and developer efficiency affect customer experience. We’re proud to be a launch partner for Sentry’s enterprise SSO and identity access management (IAM) features,” said John Offenhartz, Senior Director of Product at OneLogin. “Authentication is a virtue for tools that are widely used across all parts of the product organization. OneLogin will play a key role in simplifying, managing, and securing that adoption.”
Sentry’s single sign-on (SSO) implementation has always prioritized security. We aggressively monitor linked accounts and will disable them with any reasonable sign that the account’s access has been denied, in addition to two-factor authentication (2FA) for intrusion prevention. You know how you’re able to log in to your business apps with a Google or GitHub username and password? That’s SSO in action.
We’re adding support for security assertion markup language (SAML) as the basis for enterprise SSO. This facilitates authentication through the web browser and improves identity management for the increasing number of organizations using Sentry at scale. SAML streamlines signup and login from trusted domains to significantly enhance user experience, increase access control, and promote regulatory compliance. It also adds an important layer of security for hosted applications like Sentry, making SaaS even more manageable than on-prem software in many cases.
“We’ve seen that Sentry’s footprint in the modern development stack is large and growing quickly. Organizations of all sizes are thinking about how to manage and scale their development workflows, especially as they relate to observability and rapid iteration on behalf of their users,” said Martin Gontovnikas, VP of Growth & Marketing at Auth0. “We’re proud to be a Sentry SAML authentication launch partner, providing a flexible and extensible identity management and governance platform for the enterprise. Together, Auth0 and Sentry make error tracking more open, secure, and compliant.”
Sentry’s new OneLogin, Auth0, and Okta integrations support SAML-federated login, and Rippling streamlines admin for onboarding new users to your Sentry organization, with more integrations to come. Follow these three steps to set up identity management for your Sentry projects.
Step 1. On your access management solution provider’s integrations dashboard (OneLogin’s App Catalog, Auth0’s SSO Integrations page, Okta’s Application Network, Rippling’s Admin Dashboard), locate Sentry and add it to your organization.
Step 2. Next, retrieve the identity provider metadata from your service. You must provide the identity provider issuer URL for the metadata, which is under the SSO tab of the Sentry configuration page in OneLogin, under the Tutorial tab of the Sentry integration in Auth0, under the Sign-On Methods SAML2 settings panel in Okta, and surfaced during the Sentry provider configuration in Rippling.
Step 3. Last, go back to your Sentry organization to configure the integration. Find OneLogin, Auth0, Okta, or Rippling in your organization auth settings. Click to configure and enter the metadata URL from your access management service to Sentry.
Using a custom SAML 2.0 Identity Provider? No problem! Sentry has a generic SAML 2.0 SSO provider, which allows you to specify your own Identity Provider information. You can find Sentry’s SAML endpoints in our SSO documentation to configure your custom connector.
That’s it! You should be able to add Sentry to your SAML provider’s access dashboard for your users and easily provision new members and revoke access as your organization’s staffing changes. We’ll be adding integrations with more services in the future, so please let us know if you need support for a specific SAML app or would like to learn more about upgrading to a Sentry Enterprise plan.