PagerDuty PagerDuty Configurationy Log into your PagerDuty admin session and go to Account Settings and in the Single Sign-On tab Choose the SAML option and fill the following fields: X.509 Certificate $cert = “MIIDXXX…XXXNTYw==” Login URL https://https://mydomain.trustelem.com/app/33XXXX/sso Logout URL (optional) https://https://mydomain.trustelem.com/app/33XXXX/on_logout By checking Allow username/password login you allow users to log in with their username and password and don't force them to log in through SSO By checking Auto-provision users on first login you allow users who do not have an account in PagerDuty to be created and to join your organization at their first login through SSO Trustelem Configuration On Trustelem, write your PagerDuty organization name in the corresponding field You can also modify the custom scripting and add a role attribute in the script Four different roles can be send as attributes: admin (Global Admin), limited_user (Responder), user (Manager) and read_only_user (Stakeholder) If a user logs in through SSO for the first time, his role will be this attribute. If there's no attribute his role will be 'user' https://https://mydomain.trustelem.com/app/33XXXX/on_logout