This guide walks through enabling SAML authentication for your Gemfury organization. Setup requires two phases: initial configuration and finalization after receiving your Provider ID.

Service Provider Information

Configure your IdP with these Gemfury settings. Replace PROVIDER_ID with the identifier assigned after initial setup.

Name ID Format options:

• Email — Uses email address as identifier (simpler, but may break if user’s email changes)
• Persistent — Uses an opaque identifier (recommended for stability)

Setup Overview

SAML configuration requires two phases because you need your Provider ID to configure the correct ACS URL and Entity ID in your IdP.

Phase 1: Initial Setup

1. Log in to manage.fury.io and select your organization
2. Go to Settings → Single Sign-On
3. In your IdP, create a placeholder SAML application (you can use temporary ACS/Entity values)
4. Download metadata XML from your IdP
5. Paste the metadata XML into Gemfury
6. Select a default role for new users:
   • pull — Read-only access (default)
   • push — Read and publish packages
   • owner — Full administrative access
7. Submit the configuration

Your provider enters submitted state pending review.

Phase 2: Finalization

After activation, you’ll receive your PROVIDER_ID via email:

1. Update your IdP with the correct URLs using your assigned PROVIDER_ID:
   • ACS URL: https://manage.fury.io/auth/saml/PROVIDER_ID/callback
   • Entity ID: https://manage.fury.io/auth/saml/PROVIDER_ID
2. Download fresh metadata XML from your IdP (if metadata includes SP details)
3. Update the metadata in Gemfury SSO settings if needed
4. Test authentication (see IdP Configuration — Testing)

Next Steps

See IdP Configuration to complete setup in your Identity Provider.