1. Everbridge
  2. Knowledge
  3. Single Sign-On (SSO)
  4. Configuration

EBS: Single Sign-On (SSO) Prerequisites

Updated
Diane McCoy
Optimized Resolution Standard Resolution High Resolution

Topic

Prequisites for configuring Single Sign-On (SSO) in Everbridge.

Description

Before configuring SSO in Everbridge, several preparatory steps are required.

1. Break Glass Access

Set up Break Glass Access

'Break Glass Access' or 'Break Glass Credentials' refer to a set of backup credentials that allow users to sign into the Everbridge platform directly without using Single Sign-On (SSO). For example, an emergency Notification or Incident may need to be sent during an SSO outage or when SSO is being reconfigured. 

To set up Break Glass Access, see knowledge article EBS: Single Sign-On (SSO) Break Glass Access in Everbridge Suite.

2. API Name (API_NAME)

Determine the API Name (API_NAME) for each SSO Configuration

API Name is a unique name that you create to identify your SSO configuration(s).  API Names must be unique across all Organizations and Accounts. Everbridge uses this attribute to generate an Everbridge Login URL. An API Name is required for each SSO configuration for both the Manager Portal and Member Portal configurations.

3. Organization ID (ORG_ID)

Determine the Organization ID (ORG_ID) for each Organization when configuring SSO for the Member Portal

NOTE: This information is not needed if you are configuring SSO for the Manager Portal or ManageBridge

Organization ID is a unique ID that is generated at the time an Organization is created and uniquely identifies that Organization. This identifier is required when configuring SSO for a Member Portal. No Organization ID is required when configuring SSO for the Manager Portal. To determine the Organization ID for one or more of your Organizations, see knowledge article EBS: Locating Your Organization Details in Everbridge Suite.

4. Identity Service Provider (IdP) Metadata File

Update the IdP Settings, then Download the Identity Service Provider (IdP) Metadata File

The Identity Service Provider Metadata is an XML file that uniquely identifies your SAML IdP and is uploaded into Everbridge during initial SSO setup. Before configuring SSO in Everbridge, you must first update your IdP as described below, then download the updated IdP metadata for import into Everbridge:

  1. Configure the ACS URLs (SSO URLs) in the IdP using the format below:

An Assertion Consumer Service (ACS) URL is an endpoint on a Service Provider (SP) that tells an Identity Provider (IdP) where to redirect an authenticated user after sign-in. These are the URLs a user uses to log in to an application via SSO. The ACS URL is also known as the Single Sign-On URL.

Manager Portal ACS URL:
https://manager.everbridge.net/saml/SSO/{API_NAME}/alias/defaultAlias

Member Portal ACS URL:
https://member.everbridge.net/saml/SSO/{API NAME}/{ORG_ID}/alias/defaultAlias

  1. Configure the Entity IDs in the IdP using the format below:

The Entity ID (Entity ID URL) is a unique identifier for an Identity Provider or Service Provider. It is used to identify each party in the SSO process. The Entity ID is also known as the issuer.

Manager Portal Entity ID:
https://sso.everbridge.net/{API_NAME}

Member Portal Entity ID:
https://sso.everbridge.net/{API_NAME}/{ORG_ID}

  1. Download the IdP Metadata File
  1. Upload this file into Everbridge where prompted when configuring SSO.

Related References

EBS: Single Sign-On (SSO) Terms and Definitions

Was this article helpful?
0 out of 0 found this helpful

Article Feedback


While we can’t respond to you directly, we’d love to know how we can improve the article.

Please sign in to leave a comment.