Authentication

Account Invitation and Registration

API Hub for Contract Testing users authenticate with SmartBear ID. See the SmartBear ID Documentation to learn about the login process and options.

Regardless of how a user authenticates, all users must first be invited by a API Hub for Contract Testing administrator before access is granted. See this guide on User Administration. Once a user has been invited, they will receive an invitation email requesting they login or create an account.

Social Logins

Eligible plans: all

SmartBear ID supports social login access via Github, Google and Microsoft. During account registration, the user can choose their preferred login option.

SSO with SAML 2.0

Eligible plans: Enterprise

API Hub for Contract Testing supports SAML 2.0 integration with a compatible Identity Provider (IdP) such as Okta, Ping, Auth0, Azure AD, OneLogin, etc.

SAML2.0 allows you to externalise the authentication and access to your API Hub for Contract Testing account. Authorization and fine-grained permissions are managed within your account by an account Administrator.

We do not currently support the following:

  • Automated user deprovisioning (users will appear "active" and count toward user limits, although will not be able to login if disabled in the IdP)

  • IdP initiated login

  • Service Provider (SP) initiated logout flow

  • SCIM*

Once SAML 2.0 has been configured on a API Hub for Contract Testing instance, all users for the email domain are forced to authenticate via SAML 2.0, even if they had previously registered a username/password or social login.

Troubleshooting

If you run into any issues, please refer to the SmartBear ID documentation.SmartBear ID Documentation

Publication date: