cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Bill.Howard
Moderator
Moderator

AppDynamics Identity Provider users get a seamless SSO experience across AppDynamics products and services

ClaudiaLandivar_0-1657317406717.pngBeginning with v22.6.0, users authenticated by the global AppDynamics Identity Provider (AppD IDP) will only need to sign in to an authorized AppDynamics product or service once.

Now, these users will only need to sign in to AppDynamics once. As they navigate from one to another of their authorized AppDynamics products and services, they will not be asked for their password again.

NOTE | This change does not affect current Controller local, SAML, and LDAP users, who can continue to sign in as they always have, without disrupting their access.

On the horizon…

Though this feature is currently only available for users added since v21.11, the ability to convert an existing (pre-v21.11) user account to the new SSO-enabled AppDynamics managed user identity is planned for later in 2022. Be on the lookout for an announcement describing this conversion in the future.

 

In this article…

 

 

Frequently asked questions

 

Getting started with AppDynamics SSO

 

How do I know…

 

Questions from Admins

 

Additional resources

 

Frequently asked questions

Getting started with AppDynamics SSO

How do I sign in so I can see and navigate to my AppDynamics products and services?

AppDynamics IDP users can use the following steps to view and navigate to their AppDynamics products and services:

  1. Navigate to https://accounts.appdynamics.com/personal-profile 
  2. Sign in as usual from any AppDynamics product or service:

Starting from your Controller account

  1. Enter your account name
  2. Enter your username (which is your email address)
  3. Click Next
    The system will recognize you as an AppD IDP user and redirect you to the AppD IDP for authentication. 
  4. Enter your username again and click Next.
  5. Enter your password and click Sign in.
    You will land in the Controller signed in.

Starting from any accounts service
(like University or Community)

  1. Click Sign in
  2. Enter your username (which is your email address)
  3. Click Next
  4. Enter your password and click Sign in.
    Once signed in, you will see your target experience. 
  5. From the mini-profile (look for your username in the top of the screen), choose “Manage my Profile” or access this link.

    From here you can see any AppDynamics Controllers to which your profile is associated, as well as all related services (i.e., AppD University, Community, Documentation, Support)

    Each time you click a Controller or service from your personal profile, it will open in an active (already authenticated) new tab.

Where is the password field in the sign-in screen?

The password field appears once you enter the username and click next. It may either appear on the same screen, or once you are redirected to your “global” sign-in page.

 

Why do I have to enter my username twice?

You need to enter your username twice when first signing in due to our use of a global identity provider.

TIPS | Use the “Remember me” functions to further streamline all your future logins. 

Alternatively, sign in to your personal profile page first. It will show you everything you have access to and provide direct access links.

 

Can I change my local Controller account if I am not currently a global AppDID User?

We are working on a migration to AppD IDP user capability that will upgrade your existing Controller account to AppD IDP. It is on the roadmap for later this year.

 

What if an AppD IDP account is used for a service account API authentication on a Controller?

You can expect successful authentications when an AppD IDP account is used for a service account AppD IDP authentication on a Controller. The service account can be authenticated without the SSO flow.

That said, we recommend that customers move to our OAUTH-based API clients for this process , wherever possible, to improve security. See the documentation for this feature here.

Back to TOC

 

How do I know…

What is the AppD IDP and how do I know whether I’m using it?

AppD IDP stands for “AppDynamics Identity Provider”. Until now, each Controller has served as its own identity provider. From this point forward, we are moving that function to the AppD IDP, a global AppDynamics Identity Provider.  

If you have chosen SAML or LDAP as your authentication provider in the Controller tenant authentication provider settings tab, then you are not using the new AppD IDP for user identity management, but instead are using your own provider. If your Controller tenant has “AppDynamics” selected in the Controller tenant authentication provider tab, then users created since v21.11  are using the AppD IDP for user identity management. 

 

How can I tell whether or not I’m an AppDynamics Identity Provider user?

If your account was created between now and v21.11, and your email address is your username, then you are an AppDynamics Identity Provider user.  

You can confirm this by logging into your personal profile at https://accounts.appdynamics.com/personal-profile. If the Assigned Controller Tenants sections lists the Controllers you use, you are an AppDynamics Identity Provider user.

Legacy local AppDynamics user accounts are those created before v.21.11 that do not use email as their username.

NOTE | As with Controller based SAML and LDAP users, current pre-v21.11 legacy local users can continue to sign in as they always have, without a disruption to their access.

Back to TOC

 

Questions from Admins

As an admin, can I set these users to be authenticated my IDP in the Account Management Portal?

Yes! This is like any other AppDIDP-managed user except that when they sign in, they will be redirected to the customer IDP. Just add the user using their email address to the Controller account. 

 

As an admin, how do I give users access to a Controller tenant?

The user must be added from the Controller users page, using their email address. If a user’s email exists in the AppD IDP, that account will be used for SSO features.

NOTE | Users cannot be given access to a Controller tenant from the Accounts Management Portal at this time.

Back to TOC

 

Additional Resources

You may find the following AppDynamics Documentation resources useful:

Also related to this topic are the following Knowledge Base articles:

Version history
Last update:
‎07-18-2022 09:42 AM
Updated by:
Contributors