From today, all Tines plans will include Single-Sign-On support as standard. Previously, SSO/SAML was only available to customers on an Enterprise plan. In this post, we explore our rationale for making this change and include examples for how to use Tines with popular IAM providers OneLogin and Okta.
Security should not cost extra
We’re proud of fact that the Tines Security Automation and Orchestration platform is secure and private by design. All Tines customers, regardless of price plan, receive mandatory two-factor authentication on all accounts and granular control over data residency and retention. Additionally, Tines leverages a single tenant architecture, meaning every instance has dedicated and segregated infrastructure.
However, until today, only customers on an Enterprise plan could avail of SSO/SAML. Identity and access management is (or should be!) a priority for every security team, not just large enterprises. So, we asked ourselves why we only support SSO/SAML for a subset of security teams. Outside of “hey, it’s what everyone else does”, we didn’t have a good answer. Today, we’re fixing that. Updated information on our plans are available here – for pricing contact firstname.lastname@example.org.
Using Tines SSO/SAML with your IDP
To make Tines Single-Sign-On deployment easier, prebuilt apps are available in both the OneLogin Application Catalog and the Okta Integration Network.
Using Tines SSO/SAML with OneLogin
- Sign into your OneLogin administration portal.
- Choose Apps -> Add Apps.
- In the “Find Applications” page, enter “Tines” in the search box.
- Click on the Tines application.
- In the Tines configuration, enter your tenant name (subdomain), i.e. https://tenant-name.tines.io.
- From the “SSO” tab copy/download your X509 certificate, then send it to email@example.com
- Finally, click “SAVE”.
Using Tines SSO/SAML with Okta
- From your Okta Admin portal, choose Applications -> Add Application.
- Search for “Tines” in the search box.
- Click “Add”.
- Next, in the the required settings, enter your tenant name.
- Once the application has been added, from the admin portal, choose it from the list of applications.
- Now, click “View setup instructions” from the “Sign On” tab
- Finally, send the Login URL/SignOn URL and X509 certificate to firstname.lastname@example.org.
If you require assistance configuring SSO/SAML support with Tines, our support team are here to help. Contact us at email@example.com.