Black Duck by Synopsys cloud application

You must be signed in as a super administrator for this task.

Using Security Assertion Markup Language (SAML), your users can use their Google Cloud credentials to sign in to enterprise-cloud applications.

Note: Black Duck must be deployed on Google Compute Engine (GCE), Amazon Web Services (AWS) or Azure. For deployment instructions please refer to Black Duck’s cloud platform documentation.

Set up SSO via SAML for Black Duck

Step 1: Set up Google as a SAML identity provider (IdP)
  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Apps and then SAML Apps.

    To see Apps on the Home page, you might have to click More controls at the bottom. 

  3. Click Add Add at the bottom right.
  4. Locate and click Black Duck by Synopsys in the application list.
  5. On the Google IDP Information page, download the IDP metadata file.
  6. Click Next.

    The Basic information window shows the Application name and Description seen by users.

  7. Click Next.
  8. On the Service Provider Details page, edit the ACS URL and Entity ID replacing {your-domain} with the the domain where Black Duck is installed.
  9. Click Next.
  10. On the Attribute Mapping page, set the Select category and Select user field values as follows for the listed attributes:
     
    Application attribute Select category Select user field
    FirstName Basic Information First Name
    LastName Basic Information Last Name
    Email Basic Information Primary Email
    Name Basic Information  
  11. Click Finish.
Step 2: Set up Black Duck as a SAML 2.0 service provider (SP)
  1. Open a new incognito browser window.
  2. Sign in to Black Duck with your admin account.
  3. Click Administration and select SAML Integration.
  4. Check Enable SAML.
  5. In the Service Providers Entity URL enter the URL to the Hub.
  6. In the Identity Provider Metadata text box, paste the contents of the IDP metadata file you downloaded in Step 1.
  7. Click Save.
  8. Connect via Secure Shell (SSH) to the Hub server.
  9. In the docker-compose directory, edit the hub-proxy.env file as follows: add the following line to the end of the file, replacing {url-to-the-hub} with the URL of the instance where Black Duck is deployed:
    • HUB_SAML_EXTERNAL_URL={url-to-the-hub}
  10.  Restart the Hub Instance.
Step 3: Enable the Black Duck app
  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Apps and then SAML Apps.

    To see Apps on the Home page, you might have to click More controls at the bottom. 

  3. Select Black Duck.
  4. At the top right of the gray box, click Edit Service Compose.

  5. To apply settings to all organizations, click On for everyone or Off for everyone, and then click Save

  6. To apply settings to individual organizational units, do the following: 

    • At the left, select the organizational unit that contains the users whose settings you want to change.
    • To change the setting, select On or Off.
    • To keep the setting the same, even if the parent setting changes, click Override.
    • If the organization's status is already Overridden, choose an option:
      Inherit—Reverts to the same setting as its parent.
      Save—Saves your new setting (even if the parent setting changes).

    Learn more about the organizational structure.

  7. Ensure that your Black Duck user account email IDs match those in your Google domain.
Step 4: Verify that the SSO is working

Note: Black Duck only supports SSO if you sign in from Google. You can’t use SSO if you sign in directly to Black Duck.

  1. Sign in to your Google account.
  2. Click the App Launcher App Launcher and then More, and select Black Duck.
  3. Enter your Google sign in credentials.

    You should be automatically redirected and signed in to your Black Duck account.

Was this article helpful?
How can we improve it?