Cirrus Console Documentation

Cirrus Product Documentation
Last updated June 26, 2026

Table of Contents

Overview

Getting Started

Dashboard Overview

Manage Admins

Manage Tenants

User Interface

Event Logs

 

Overview

The Cirrus Console is an integrated web based administrative interface for Cirrus Identity Products. Customers authenticate using their organization's Identity Provider. After initial setup, customers are able to authorize additional administrators without contacting Cirrus Identity.

Based on access, administrators are able to manage and update their organization. Functionality is based on service subscriptions. Products and functionality are grayed out when they are not part of a customer’s portfolio.

 

Getting Started

The Cirrus Console is the tool admins will use to configure integrations, including management of Authentication Providers (IdPs) and Applications, user interface styling, and more. The Cirrus Console supports federated and social login via our own Discovery and Gateway services. Our customers access the Cirrus Console from their enterprise accounts, so the first step is to establish trust between the Cirrus Console and your enterprise IdP.

1) Your institutional IdP configuration

To log in to the Cirrus Console, Cirrus Identity recommends your institutional IdP release both the mail and eduPersonPrincipalName (ePPN) attributes to the Console service provider.

The service provider for the Console is listed in the InCommon metadata with an entityID of: "https://apps.cirrusidentity.com/shibboleth"

2) Make sure you are provisioned as an organizational administrator in the Console

Subscribing customers will have initial organizational administrators (Org Admins) provisioned as part of customer onboarding. Check the box titled ‘Grant org admin privileges’.

 

3) Log into the Cirrus Console

Once the individual is set up as an administrator and the organization’s Identity Provider is releasing email and/or ePPN attributes to the Console, the individual can try logging in by selecting “Cirrus Console” from the Cirrus Identity website top navigation bar. The individual will be taken to a Cirrus Discovery Service screen. The individual’s organization will be available as a provider choice. See the next section for additional detail.

 

Logging in to the Cirrus Console

To access the Cirrus Console, click the at the top of the Cirrus Identity website.

 

Once you reach the login page, you will need to select your identity/login provider from the Cirrus Discovery Service.

 

You can search for your provider by typing in the text field. If your provider is not listed and/or you receive an error message, please contact support@cirrusidentity.com.

 

Dashboard Overview

Once logged into the Console, you will be presented with a unified view of your organization’s tenants.

 

The dashboard provides high level information regarding the tenant, as well as the ability to manage configuration on the specific tenant by selecting the gear box to the left of the tenant.

 

The Organization section lists the organization you are associated with and will be highlighted if you are an organization level administrator. In order to manage access to the Console or run event logs, you will need to navigate to the Organization page.

 

Managing Admins

The Admins page is where you manage the attributes about the admins for your organization. On this page you can create and edit admins. Once you have an admin created, you can make that admin an Org Admin on the Organization page.

 

Add a New Admin

To add a new administrator, click New Admin on the Admins page. Enter the administrator’s first name, last name, email address, and eduPersonPrincipalName (ePPN). Once the required information has been provided, click Add Admin to create the administrator account.

 

The Grant org admin privileges option determines the level of access assigned to the administrator. When selected, the user becomes an Organization Administrator (Org Admin) and is granted administrative access across the organization and its associated Cirrus products. If this option is not selected, the user is created as a standard administrator and can be granted access only to specific services or products as needed.

 

Note: Creating an administrator and granting Org Admin privileges are separate actions. All Org Admins are administrators, but not all administrators are Org Admins. Assign Org Admin privileges only to users who require organization-wide administrative access.

 

Managing Tenants

The Tenants page provides access to all tenant types within your organization, including Bridge and Proxy tenants. From this page, org admins can view tenant details, manage configurations, access associated applications, and perform tenant-specific administrative tasks. Select a tenant to view and manage its settings and resources.

 

Bridge

The Bridge Tenant Details page provides access to tenant configuration, authentication provider settings, and application management. Org Admins can use this page to review tenant information, configure authentication providers, and manage SAML and CAS applications associated with the Bridge.


Tenant Type

Displays the type of Bridge tenant that has been provisioned.

 

Example: Standalone Bridge

 

Tenant Name (Friendly Name)

Displays both the internal tenant identifier and the user-friendly display name associated with the Bridge.

 

Created

The date and time the tenant was created.

 

Updated

The date and time the tenant was last modified.

 

Test Implementation

Launches the test implementation workflow used to validate Bridge configuration prior to production use.

 

Enhanced Diagnostics

Displays a diagnostic screen showing authentication attributes in plain text prior to encryption for debugging purposes. This is a two-step authorization process. Only applicable for new deployments.

 

Register with Federation

Provides access to federation registration tools and resources used to publish Bridge metadata to supported federations.

 

Authentication Provider

The Authentication Provider section displays the identity provider (IdP) configured for the Bridge.

 

SAML Provider Entity ID

Displays the Entity ID of the configured SAML identity provider.

The Entity ID uniquely identifies the identity provider and is used during authentication transactions.

 

Configure Provider

Opens the provider configuration page where authentication provider settings can be reviewed or modified.

 

Applications

The Applications section is used to manage applications connected to the Bridge.

Depending on the application protocol (SAML or CAS), you will navigate to that tab and select the application from the list. The edit icon allows you to update an existing application.

Applications are organized by protocol:

  • SAML Applications – Applications using the SAML protocol.
  • CAS Applications – Applications using the CAS protocol.


Select the appropriate tab to view applications configured for that protocol.

CAS and SAML applications can be managed from the Applications section of the tenant. Detailed instructions for managing these application types are provided in the documentation linked below.

 

Note: Some buttons or sections may appear differently depending on:

  • Tenant type (Enterprise Bridge vs. Standalone Bridge or Proxy)
  • User permissions
  • Tenant configuration status

 

Proxies

The Proxy Tenant Details page provides access to tenant configuration, authentication provider management, and application administration. Org Admins can use this page to review tenant information, manage authentication providers, configure authentication settings, and manage applications associated with the Proxy tenant.


Admin Summary

The Admin Summary section provides high-level information about the Proxy tenant and access to tenant-level administrative functions.

 

Organization

Displays the organization associated with the Proxy tenant.

 

Tenant Type

Displays the type of Proxy tenant that has been provisioned.

Example: Non-Automated Proxy

 

Tenant Name

Displays the unique identifier assigned to the Proxy tenant.

 

Created

Displays the date and time the Proxy tenant was created.

 

Test URL

Provides a testing endpoint that can be used to validate authentication and configuration prior to production use.

 

SP Registration Details

Provides access to Service Provider (SP) registration information associated with the Proxy tenant. This information may be used when configuring integrations with identity providers or federations.

 

Authentication Providers

The Authentication Providers section is used to manage the identity providers available within the Proxy tenant.

Authentication providers are the systems that authenticate users before access is granted to applications connected to the Proxy. Multiple authentication providers may be configured within a single Proxy tenant.

 

Examples of authentication providers include:

Google

Microsoft Entra ID

Okta

Shibboleth

 

Guest Identity Providers

Configured providers are displayed in the Authentication Providers table.

 

Display Name

Displays the name of each configured authentication provider.

 

Configure Discovery

Opens discovery configuration settings used to determine how users locate or select an authentication provider during the sign-in process.

 

Authentication Settings

Provides access to tenant-level authentication settings and policies that apply across the Proxy tenant.

 

Configure Provider

Allows administrators to view settings for an existing authentication provider.

 

Applications

The Applications section is used to manage applications connected to the Proxy tenant. Applications can be configured using one of the supported authentication protocols.

CAS and SAML applications can be managed from the Applications section of the tenant. Detailed instructions for managing these application types are provided in the documentation linked below.

 

Applications are organized by protocol and displayed within their respective tabs.

 

Note: Detailed instructions for creating, configuring, and managing SAML, CAS, and OIDC applications are available in the application-specific documentation. Refer to the appropriate application management guide for step-by-step configuration instructions. Available options and configuration settings may vary based on tenant type, user permissions, and organizational configuration.

 

User Interface

The User Interface page provides configuration for the global user interface elements of the Cirrus Identity products. Most customers will set a top banner/footer color and upload a custom logo.

 

Event Logs

The Event Logs page allows customers to do an on-demand download of event log information for products in your subscription. If you are also subscribed to the Log API, you are able to manage Log API credentials and access interactive documentation.

 

For more information on exporting event logs, click here. You can also find additional information on our Log API product.

 
Console