As of mPulse 57 and SOASTA 57, SOASTA supports any Single Sign-On authentication process using SAML.
- Please visit the API Tokens help page for information regarding authentication tokens.
Single Sign-On Settings
To configure SSO:
- Log into your CloudTest or mPulse instance and click Company Settings on the leftmost panel. In order to access Company Settings, you must be a tenant admin.
- Under Single Sign-On Settings, place a checkmark next to the Enable single sign-on box.
- Grab the Metadata Discovery Endpoint from your IT department (or the customer for SOASTA admins), enter it in the IdP Metadata URL, and then click Fetch. The Issuer Entity ID will populate, and the Certificate now states Re-upload Certificate.
- Grab the IdP-initiated login URL from your IT department (or the customer for SOASTA admins). Enter it in the IdP Initiated URL text field in CloudTest or mPulse. Enter the Issuer Entity ID (or host name of IdP server).
For example, the entityID may be found in your IdP's metadata XML.
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="" entityID="soasta.my.salesforce.com" validUntil="2026-07-22T22:03:58.707Z">
- Enter the SAML ACS. This value will be given to your IT department by a SOASTA admin. This value will always be the hostname of the CloudTest/mPulse environment followed by concerto/services/saml/v2/doLogin
If you are integrating with the mPulse environment, the full SAML ACS URL will be:
- Enter the Targeted SAML ID. This value is IdP specific, and must be shared with a SOASTA admin (via documentation or the customer's IT department).
When we receive a SAML assertion, we must know what SAML AttributeStatement to look for when identifying a user. In the example below, the user is "mrtest." In order for SSO to work, the targeted username should be set to "userName," not "mrtest." (This is not universal: the targeted SAML ID could be the values "email", "id", etc. When in doubt, consult your IdP documentation.)
- The system will not allow you to proceed if you don't set a Certificate, an Issuer Entity ID, and a Targeted SAML ID.
- Hit Apply and leave company settings, and then return. The changes you entered should persist.
- To test your changes, log out of your current session, enter your username in the Login page, and then hit Enter. Do not enter your password.
API Token Creation
If you want to use SSO, you must use an API Token to authenticate with the CloudTest/mPulse repository API or any other SOASTA API you may use.
- Log into your CloudTest/mPulse instance.
- Go to My Settings on the leftmost panel.
- Generate a new API Token.
- Hit Apply.
- Go to the User Editor by double-clicking on the appropriate user and enter the API Token, under the General tab. Click OK when you're done.
For details on using the API Token, please see our API Token documentation.
User Initiates Single Sign-On
A user can initiate the SSO process by launching the IdP initiated URL provided to them by their organization. Alternatively, users can go to the login page of their CloudTest/mPulse environment. Where they can simply enter their CloudTest/mPulse username.
Integrating With Okta
To configure Okta to work with SOASTA, please visit the Okta documentation.