# PagerDuty

#### PagerDuty Configurationy

* Log into your PagerDuty admin session and go to Account Settings and in the Single Sign-On tab

* Choose the SAML option and fill the following fields:
  * X.509 Certificate

  ```exp
  $cert = “MIIDXXX…XXXNTYw==”
  ```

  * Login URL

  ```exp
  https://https://mydomain.trustelem.com/app/33XXXX/sso
  ```

  * Logout URL (optional)

  ```exp
  https://https://mydomain.trustelem.com/app/33XXXX/on_logout
  ```

* By checking Allow username/password login you allow users to log in with their username and password and don't force them to log in through SSO

* By checking Auto-provision users on first login you allow users who do not have an account in PagerDuty to be created and to join your organization at their first login through SSO

#### Trustelem Configuration

* On Trustelem, write your PagerDuty organization name in the corresponding field

* You can also modify the custom scripting and add a role attribute in the script
Four different roles can be send as attributes: admin (Global Admin), limited_user (Responder), user (Manager) and read_only_user (Stakeholder)
If a user logs in through SSO for the first time, his role will be this attribute. If there's no attribute his role will be 'user'

```exp
https://https://mydomain.trustelem.com/app/33XXXX/on_logout
```