Enterprise Account Settings

Last updated January 10, 2023

The Settings tab of your Enterprise Account lets you rename the Enterprise Account, set up single sign-on (SSO), and access Audit Trail. Enterprise Account users must have the manage permission to access this tab.

Rename an Enterprise Account

Rename an Enterprise Account via Heroku Dashboard

If you want to change your Enterprise Account name, you can click Edit, type the new name in the “Account name” field, and then save the new name.

AccountRename

Rename an Enterprise Account via Heroku CLI

Renaming an Enterprise Account via the CLI requires the Enterprise Accounts CLI Plugin.

The Enterprise Account can be renamed via the following Heroku CLI command:

$ heroku enterprises:rename new-account-name --enterprise-account=account-name

View audit logs

Please submit any questions, suggestions, and other feedback you have to heroku-audit-logs@salesforce.com

Heroku Audit Trail (audit logs) enables you to export a chronological, JSON-formatted archive of certain events associated with your Heroku Enterprise account. Learn more on the Audit Trails for Enterprise Accounts page.

Set up Single Sign-On (SSO)

If this is the first time you’re setting up SSO for your Enterprise Account, and none of your Enterprise Teams already have SSO enabled, click Begin setup.

SSONotSetUp

Provide values for each of the following fields:

  • Identity Provider (IdP) Issuer URL
  • Identity Provider (IdP) Redirect URL
  • Identity Provider (IdP) Certificate

Activate the Enable SSO switch and click Save.

EnableSSO

Migrate an existing SSO

If you already have SSO enabled for a particular Enterprise Team, the following notice displays on your Enterprise Account’s Settings tab:

EnableSSO

You can click Migrate existing setup... to move the SSO configuration from the indicated Enterprise Team to the Enterprise Account. Alternatively, you can setup a new SSO configuration by clicking Configure SSO....

If you migrate an SSO configuration from an Enterprise Team to its parent Enterprise Account, new SSO users are no longer automatically added to the originating Enterprise Team. Instead, they are added to the Enterprise Account with the view permission only. An Enterprise Account administrator can then grant any additional team-specific permissions to the user.

When SSO is configured at Enterprise Account level, new users are added to the Enterprise Account with the view permission. An admin needs to add the user to desired teams and assign appropriate permissions.

Providing multiple IdP certificates

See this article for more information on how multiple IdP certificates are provided for your Enterprise Teams.

Feedback

Log in to submit feedback.