How to log in to Honeycomb using SAML SSO | Honeycomb
  1. Docs
  2. Get Started
  3. Configure Honeycomb
  4. Teams
  5. Configure Access
  6. Log in using SAML SSO

How to log in to Honeycomb using SAML SSO [Pro] [Ent]

Note
This feature is available as part of the Honeycomb Pro and Enterprise plans.

Pro and Enterprise Honeycomb Teams may be configured to support Single Sign On (SSO) through SAML Identity Providers (IdP). In this guide, you will learn how to use a SAML IdP to log in to a SAML-configured Honeycomb Team.

Before You Begin 

The team you would like to log in to must be configured for SAML SSO. Team Owners can use one of these guides to configure a team for SAML SSO:

You should have an account already configured within your team’s SAML IdP.

You must have access to the email address used for log in.

It is not necessary to already have a Honeycomb account to log in with SAML.

Log in to Your SAML Identity Provider 

To start the process of logging in to a SAML-configured Honeycomb Team, you must first log in to the SAML IdP configured for that Team.

If you already know the address of the SAML IdP for the Honeycomb Team, log in to the IdP and select the Service Provider that corresponds to the desired Honeycomb Team.

If you do not know the address of the SAML IdP, but you know the slug of the Honeycomb Team you are trying to access, navigate your web browser to https://ui.honeycomb.io/{team_slug}/sso/saml/login, or https://ui.eu1.honeycomb.io/{team_slug}/sso/saml/login if the team is in Honeycomb EU. For example, if trying to access a team with the slug hny in Honeycomb US, you would visit https://ui.honeycomb.io/hny/sso/saml/login. If the team is configured for SAML, the page redirects to the SAML IdP to log in.

Once logged in to your SAML IdP, you can either create a new Honeycomb Account or link an existing Honeycomb Account to this SAML Identity.

Log in as a new User 

The SAML IdP provides Honeycomb with an email address. If you have never logged into Honeycomb before, Honeycomb requires you to verify ownership of that email address.

To verify:

  1. Log in to your SAML IdP.
  2. Select the Service Provider that corresponds to the desired Honeycomb Team. Then, the IdP redirects you to Honeycomb.
  3. Honeycomb displays a landing page that asks you to check your email for the account activation link.
  4. Within your e-mail from Honeycomb, select the verification link. The page that appears redirects to the Honeycomb home page for the selected team.
Tip
The verification email may take some time to arrive. Be sure to check your spam folder!

Log in as an Existing Honeycomb User 

An existing Honeycomb user account may be linked to one or more SAML Identity Providers. If you have not already logged in with this SAML IdP, you will need to link the existing account to this SAML IdP and/or verify the email associated with the Honeycomb account.

  1. Log in to your SAML IdP.
  2. Select the Service Provider that corresponds to the desired Honeycomb Team.
  3. Based on your status as an Existing Honeycomb user:

If a Honeycomb account is already linked to the SAML IdP you are logging in with, the page redirects to the Honeycomb home page for the selected team.

If you are currently logged in to a Honeycomb account, Honeycomb displays a page asking you to confirm the link.

  1. Review the information presented on the page and verify it looks correct. Refer to the section “SAML Information on the Link Account page” below for an explanation of the presented information.
  2. Based on the appearance of the information:
    1. If the information appears correct, select Link account to complete the log in process and link the currently-logged-in Honeycomb account to this SAML IdP.
    2. If the information does not appear correct, or you do not wish to link this Honeycomb account to this SAML IdP, select Cancel to cancel the account link.

If a Honeycomb account exists for the provided email address, Honeycomb displays a landing page that asks you to check your email for the account activation link.

Within your e-mail from Honeycomb, select the verification link. The page that appears redirects to the Honeycomb home page for the selected team.

SAML Information on the Link Account page
Title Description
SAML Identity This is an identifier provided by the SAML provider to identify your user account. It is often your email, but it may be another form of identifier. This is useful for troubleshooting.
Issuer (SAML Provider) This is an identifier for the SAML provider you tried to log in with.
Honeycomb Account This is the email associated with your currently-logged in Honeycomb account.
Team This is the team the identity provider is configured for. If you are not already on this team, you will be joined to this team after linking your account.
On this page: