When configuring Single Sign-On (SSO) for a DX SaaS (DXO2) tenant, administrators require specific Service Provider (SP) metadata details, specifically the Entity ID (Identifier) and Reply URLs (Assertion Consumer Service - ACS), to complete the integration within their Identity Provider (IdP) such as Azure AD, Okta, or PingIdentity.

Product: DX Operational Intelligence (DX SaaS)
Deployment: SaaS (EU or NA Regions)
Component: SSO / SAML Authentication

To enable SSO, you must manually construct the Entity ID and ACS URL based on your specific tenant name.

1. Construct the Entity ID (Identifier)

The Entity ID is formed by adding the prefix DXI_ followed by your unique tenant name.

• Format: DXI_[tenant_name]
• Example (Tenant: mycompany_nonprod): DXI_mycompany_nonprod

2. Identify the Reply URL (Assertion Consumer Service - ACS)

The Reply URL depends on the region where your tenant is hosted. Append /ess/authn/ and your [tenant_name] to the regional gateway URL.

3. IDP-Initiated URL

DX SaaS does not provide a pre-generated IDP-Initiated URL.

• Once you save the Entity ID and ACS URL in your Identity Provider (e.g., Azure AD or Okta), the IdP will automatically generate the IDP-Initiated URL for your application.

More details in the documentation:

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/dx-operational-observability/saas/settings/user-administration/manage-users/manage-saml-users-saas.html