Manage multi-tenant SSO
Moogsoft Cloud supports multi-tenant SSO configurations across several Moogsoft instances. For setup information, see Configure SSO to support multiple tenants.
The first instance configured in a multi-tenant setup (the primary) controls SSO for the other instances. When you select the multi-tenant option for additional instances, they receive the SSO configuration from the primary.
Because of this dependency, it is very important that you perform any later configuration changes from the right location. Making a change from the wrong location could negatively impact the SSO setup for all instances.
Enabling and disabling SSO. This also impacts all multi-tenant instances.
Updating an expired SSO certificate
Making changes in Auth provider details, such as the issuer ID, the client ID, or the client secret
Login domains, role mappings and group mappings applicable only to the primary instance
Role and group mappings applicable to a multi-tenant instance
Login domains applicable to a multi-tenant instance
Note
Some updates on the primary result in changes to the Configuration ID. When the Configuration ID changes, you must repeat copying and pasting it to the multi-tenant instances. Only changes which require rebuilding the connection on the primary cause the Connection ID to change.
If you are unsure whether you need to update your multi-tenant Connection IDs, compare the current Connection ID on a multi-tenant instance with the primary. When there is a mismatch, you must update the multi-tenant Connection IDs.
Important
Use caution when replacing the Connection ID on multi-tenant instances. Improperly replacing the ID could result in SSO failure for all instances.