topic Re: Testing SSO with Synthetic Monitoring in Synthetic Monitoring

Testing SSO with Synthetic Monitoring

kalle_lahtinen — Tue, 15 Mar 2022 17:29:32 GMT

Hi,

Tried searching extensively, but didn't find anything regarding the topic.

Would it be possible to generate a synthetic browser monitor or clickpath that's using SSO (e.g. SAML2 or Kerberos ticket)?

This would obviously be something that we set up for a private ActiveGate.

What's funny is I found an old note written by myself, saying that SSO synthetic support is on the roadmap for Q2/2020 - but I have no idea anymore where I got that info from 🙂

Re: Testing SSO with Synthetic Monitoring

ChadTurner — Fri, 22 May 2020 14:03:07 GMT

Im not 100% sure it is fully supported at this moment, but i do know they released the Credential Vault and that might play a big role in SSO for synthetic monitors.

https://www.dynatrace.com/support/help/how-to-use-dynatrace/synthetic-monitoring/general-information/credential-vault-for-synthetic-monitors/

Re: Testing SSO with Synthetic Monitoring

urs_fischer — Fri, 21 Aug 2020 14:44:20 GMT

Hi, Private Vault is trully a great feature. But in your posted URL it is written "Certificate credentials are used in HTTP monitors—you can add a client certificate to an HTTP request.". It would be great to use Certificates also for Browser Monitor. We do have a lot of applications where users are authenticated with Client Certificates.

Re: Testing SSO with Synthetic Monitoring

urs_fischer — Fri, 21 Aug 2020 14:46:48 GMT

Do you know more about this? We also have a lot of Applications using SSO and we think about if it is possible to use Synthetic Browser Monitoring.

Re: Testing SSO with Synthetic Monitoring

olga_wall — Tue, 15 Mar 2022 17:24:45 GMT

Hi,

have there been any updates on using client certificates for authentification within browser monitors since 2020? I've checked the current documentation on the credential vault but it still referrs to HTTP monitors only in this scenario.

Re: Testing SSO with Synthetic Monitoring

HannahM — Fri, 18 Mar 2022 14:09:05 GMT

No, it's not currently in the product. If you are using Windows Private Locations you can upload the certificate to the Chromium used by the player. I can provide the information if that is something you would like to try?

Re: Testing SSO with Synthetic Monitoring

olga_wall — Fri, 18 Mar 2022 14:19:17 GMT

This sounds like exactly what I'd need in this case but unfortunately only a Linux Private Location is available at the moment. 🙁

I've been thinking about creating a certificate based HTTP monitor to create an authentification token, storing it in the credentials vault and then using it within the browser monitor but I haven't tried it yet.

Do you have any experience with this scenario? Any pitfalls?

Re: Testing SSO with Synthetic Monitoring

HannahM — Fri, 18 Mar 2022 16:02:19 GMT

That's a shame. Yes, I know that other customers have done exactly that. No, I'm not aware of any problems/ pitfalls with your suggestion. I guess the only thing you might need to be aware of is how long your token is valid and how regularly the Browser Monitor executes. You will not be able to schedule the monitors to run at specific times so just need to ensure that the token is never stale when the Browser monitor needs it.

Re: Testing SSO with Synthetic Monitoring

olga_wall — Fri, 18 Mar 2022 15:13:03 GMT

Thanks for the tips, Hannah! I will take token validity into account when scheduling the monitors.

Re: Testing SSO with Synthetic Monitoring

SabineR — Wed, 18 Oct 2023 11:54:04 GMT

Hi Hannah,

can you provide the information how to do it?

Many thanks in advance

Sabine

Re: Testing SSO with Synthetic Monitoring

HannahM — Wed, 18 Oct 2023 12:13:24 GMT

What are you trying to do?

Re: Testing SSO with Synthetic Monitoring

SabineR — Wed, 18 Oct 2023 12:19:38 GMT

We need to create a browser monitor, but the authentication is SSO.

Or with a LTPA certificate.

So, I'm looking any advice on.

Re: Testing SSO with Synthetic Monitoring

HannahM — Wed, 18 Oct 2023 12:22:50 GMT

That's great. You can find information on adding SSO credentials to a monitor here. Client-side certificates can be added to Browser Monitors running on public locations or Linux OS Synthetic ActiveGates using the instructions here

Re: Testing SSO with Synthetic Monitoring

SabineR — Wed, 18 Oct 2023 12:34:13 GMT

Thank you!