cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Testing SSO with Synthetic Monitoring

kalle_lahtinen
DynaMight Mentor
DynaMight Mentor

Hi,

Tried searching extensively, but didn't find anything regarding the topic.

Would it be possible to generate a synthetic browser monitor or clickpath that's using SSO (e.g. SAML2 or Kerberos ticket)?

This would obviously be something that we set up for a private ActiveGate.

What's funny is I found an old note written by myself, saying that SSO synthetic support is on the roadmap for Q2/2020 - but I have no idea anymore where I got that info from 🙂

8 REPLIES 8

ChadTurner
DynaMight Guru
DynaMight Guru

Im not 100% sure it is fully supported at this moment, but i do know they released the Credential Vault and that might play a big role in SSO for synthetic monitors.

https://www.dynatrace.com/support/help/how-to-use-dynatrace/synthetic-monitoring/general-information...

-Chad

Hi, Private Vault is trully a great feature. But in your posted URL it is written "Certificate credentials are used in HTTP monitors—you can add a client certificate to an HTTP request.". It would be great to use Certificates also for Browser Monitor. We do have a lot of applications where users are authenticated with Client Certificates.

I don't have a solution (yet), but I admire the problem 🙂

urs_fischer
Helper

Do you know more about this? We also have a lot of Applications using SSO and we think about if it is possible to use Synthetic Browser Monitoring.

I don't have a solution (yet), but I admire the problem 🙂

olga_wall
Contributor

Hi,

have there been any updates on using client certificates for authentification within browser monitors since 2020? I've checked the current documentation on the credential vault but it still referrs to HTTP monitors only in this scenario.

HannahM
Dynatrace Champion
Dynatrace Champion

No, it's not currently in the product. If you are using Windows Private Locations you can upload the certificate to the Chromium used by the player. I can provide the information if that is something you would like to try?

This sounds like exactly what I'd need in this case but unfortunately only a Linux Private Location is available at the moment. 🙁

I've been thinking about creating a certificate based HTTP monitor to create an authentification token, storing it in the credentials vault and then using it within the browser monitor but I haven't tried it yet.

Do you have any experience with this scenario? Any pitfalls?

HannahM
Dynatrace Champion
Dynatrace Champion

That's a shame. Yes, I know that other customers have done exactly that. No, I'm not aware of any problems/ pitfalls with your suggestion. I guess the only thing you might need to be aware of is how long your token is valid and how regularly the Browser Monitor executes. You will not be able to schedule the monitors to run at specific times so just need to ensure that the token is never stale when the Browser monitor needs it. 

Thanks for the tips, Hannah! I will take token validity into account when scheduling the monitors.