Skip to main content


  • Log into your Zabbix admin session and in Administration go to Authentication

  • Go to the SAML tab, check Enable SAML authentication and fill the following fields:

    • IdP entity ID
    • SSO service URL
    • SLO service URL
    • Username attribute
    • SP entity ID
  • Download Trustelem certificate and go to the zabbix.conf.php file and at line $SSO['IPD_CERT']= '' add the path to the downloaded certificate For example on Ubuntu the conf file is located at /etc/zabbix/web/zabbix.conf.php and the line should look like $SSO['IDP_CERT'] = '/home/user/cert.pem';

Trustelem Configuration

  • On Trustelem add the path to Zabbix UI, it can look like http://[ip-local]/zabbix/

  • By default the username will be the user email, if you want to change it and put firstname.lastname for example, you can add these lines in Custom scripting:

function CustomSAMLResponse(msg: SAMLResponse, user: User, groups: Groups, deny: Deny): void {
  msg.setAttr("username", user.firstname+"."+user.lastname);