Hello SRE -
We'd like to add ApereoCAS as an SSO option to Semgrep's Cloud Dashboard (semgrep.com/login). The Security-Team has purchased their supply chain tool and would prefer being able to auth via an in-house SSO (Apereo or Okta, if Apereo can't work) as opposed to github.com or gitlab.com. Semgrep's Cloud Dashboard currently supports OpenID and SAML 2, and I assume we'd prefer to use the latter? Anyhow, the required fields to add SAML 2 SSO support via their dashboard are: Email domain, IdP SSO URL, IdP Issuer ID and the certificate. Let me know if this works - not sure if we only use Apereo for Wikimedia-managed tools. If so, I can reach out to ITS about using Okta instead.