Edit this page
Report an issueConfigure generic SSO for Dev Portal
You can configure single sign-on (SSO) for Konnect Dev Portal with OpenID Connect (OIDC) or SAML. This allows developers to log in to Dev Portals by using their IdP credentials, without needing a separate login.
This page provides general instructions for configuring SSO across identity providers. See Set Up SSO with Okta for specific instructions on setting up SSO with Okta.
Keep the following in mind when configuring SSO for Dev Portal:
- Developers are auto-approved by Konnect when they use SSO to log in to the Dev Portal. This is because Kong outsources the approval process to the IdP instance when using SSO. Therefore, you must restrict who can sign up from the IdP rather than through Konnect.
- If you plan on using team mappings from an IdP, they must be from the same IdP instance as your SSO.
- If you have multiple Dev Portals, keep in mind that each Dev Portal has a separate SSO configuration. You can use the same IdP for multiple Dev Portals or different IdPs per Dev Portal.
- Dev Portal SSO is different than the SSO for Konnect. If you want to use SSO to log in to Konnect, you must configure that separately.
It is recommended to use a single authentication method, however, Konnect supports the ability to combine built-in authentication with either OIDC or SAML based SSO. Combining both OIDC and SAML based SSO is not supported. Keep built-in authentication enabled while you are testing IdP authentication. Only disable built-in authentication after successfully testing the configurations in these guides.
