Authentication
Account Invitation and Registration
API Hub for Contract Testing users authenticate with SmartBear ID. See the SmartBear ID Documentation to learn about the login process and options.
Regardless of how a user authenticates, all users must first be invited by a API Hub for Contract Testing administrator before access is granted. See this guide on User Administration. Once a user has been invited, they will receive an invitation email requesting they login or create an account.
SSO with SAML 2.0
Eligible plans: Enterprise
API Hub for Contract Testing supports SAML 2.0 integration with a compatible Identity Provider (IdP) such as Okta, Ping, Auth0, Azure AD, OneLogin, etc.
SAML2.0 allows you to externalise the authentication and access to your API Hub for Contract Testing account. Authorization and fine-grained permissions are managed within your account by an account Administrator.
We do not currently support the following:
Automated user deprovisioning (users will appear "active" and count toward user limits, although will not be able to login if disabled in the IdP)
IdP initiated login
Service Provider (SP) initiated logout flow
SCIM*
Once SAML 2.0 has been configured on a API Hub for Contract Testing instance, all users for the email domain are forced to authenticate via SAML 2.0, even if they had previously registered a username/password or social login.
Troubleshooting
If you run into any issues, please refer to the SmartBear ID documentation.
Social Logins
Eligible plans: all
SmartBear ID supports social login access via Github, Google and Microsoft. During account registration, the user can choose their preferred login option.