Scribd Logo
Upload

Welcome to Scribd!

  • Configuring Generic SAML Single Sign-On

    Uploaded by

    Vanessa
    4 views5 pages
    The document provides instructions for configuring generic SAML single sign-on between Securiti and an identity provider (IDP). It involves obtaining configuration data from Securiti including metadata and assertion consumer URLs, configuring the IDP with Securiti data and attribute mappings, getting the IDP's metadata, and configuring single sign-on in Securiti with the IDP metadata.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides instructions for configuring generic SAML single sign-on between Securiti and an identity provider (IDP). It involves obtaining configuration data from Securiti including metadata and assertion consumer URLs, configuring the IDP with Securiti data and attribute mappings, getting the IDP's metadata, and configuring single sign-on in Securiti with the IDP metadata.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    4 views5 pages

    Configuring Generic SAML Single Sign-On

    Uploaded by

    Vanessa
    The document provides instructions for configuring generic SAML single sign-on between Securiti and an identity provider (IDP). It involves obtaining configuration data from Securiti including metadata and assertion consumer URLs, configuring the IDP with Securiti data and attribute mappings, getting the IDP's metadata, and configuring single sign-on in Securiti with the IDP metadata.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    Menu

    Configuring generic SAML single sign-on

    The following procedures describe in general terms how to configure a typical SAML-compliant IDP as
    a single-sign-on provider for Securiti. Use these instructions if we don't have specific instructions for
    your IDP in Configuring single sign-on[../configuring-single-sign-on.html].

     1. OBTAIN CONFIGURATION DATA IN SECURITI

    [#UUID-c335252b-261c-bb4f-c134-e461db7e48ca_section-idm232003767817953_body]

    In Securiti, you record the Service Provider (SP) metadata URL and Assertion Consumer Service
    (ACS) URL. You use these later when you configure the single sign-on service to work with Securiti.

    1 In Securiti, click Settings and choose Integrations > Single Sign-On.

    2 On the Single Sign-On page, record the following information to use later:

    SP Metadata URL

    ACS Url

    3 Proceed to 2. Configure the identity provider[configuring-generic-saml-single-sign-on.html#UUID-


    c335252b-261c-bb4f-c134-e461db7e48ca_section-idm232003782727334].
     2. CONFIGURE THE IDENTITYMenu
    PROVIDER

    [#UUID-c335252b-261c-bb4f-c134-e461db7e48ca_section-idm232003782727334_body]

    You configure your single sign-on service with the Securiti URLs you obtained earlier. You also
    configure correlations between attributes and claim fields.

    1 Log in to your single-sign-on service as an administrator.

    2 If necessary, configure a new application or integration in the service for Securiti.

    3 For the new application or integration, configure the following settings:

    Setting
    Value
    (may be labeled any of the following)

    Audience URI
    Client ID
    Enter the SP Metadata URL you recorded in
    Federation Metadata
    Securiti
    Identifier (Entity ID)

    Single sign on URL


    Recipient
    Reply URL (Assertion Consumer
    Service URL) Enter the ACS Url you recorded in Securiti
    Destination URL
    Valid Redirect URIs

    9r-9AgXLW5VIenW2VUts5kRcB0-lCJ1bC-
    US cloud FQ2R4_KJMeZ_oOTVHAvQ==

    aloaoPtqQ2mKDYQVGUrcL-SorEWxhJsITcjUcjsVx5-
    EU cloud EpMWFaWK3fQ==
    Setting Menu
    Value
    (may be labeled any of the following)

    Name ID Format Unspecified/Email

    Client Signature Required Off

    Encrypt assertion
    Assertion Encryption Off / Unencrypted

    Force Name ID Format Off

    Force POST Binding Off

    4 For the new application or integration, configure the following mandatory attribute mappings
    that Securiti requires from the IDP:

    Attribute Keys required


    Attribute Name Possible Column mapping to IDPs
    (set any one key from the list)

    Given-Name
    first_name
    user.firstName
    firstname
    First Name X500 givenName
    givenname
    user.givenname

    Surname
    last_name
    user.lastName
    lastname
    Last Name X500 surname
    surname
    user.surname

    User-Principal-Name
    email
    user.email
    emailaddress
    Email X500 email
    useremail
    user.mail
    5 Proceed to 3. Obtain identity provider metadata[configuring-generic-saml-single-sign-
    Menu
    on.html#UUID-c335252b-261c-bb4f-c134-e461db7e48ca_section-idm232258142536803].

     3. OBTAIN IDENTITY PROVIDER METADATA

    [#UUID-c335252b-261c-bb4f-c134-e461db7e48ca_section-idm232258142536803_body]

    For the application or integration, find the place in the IDP console where you obtain the identity
    provider metadata. The metadata is in the form of an XML file that you download, or as a URL for the
    file that you record to use later. Download the XML file or record the URL. Then proceed to 4.
    Configure single sign-on in SecuritiSecuriti[configuring-generic-saml-single-sign-on.html#UUID-c335252b-
    261c-bb4f-c134-e461db7e48ca_section-idm23225814591896].

     4. CONFIGURE SINGLE SIGN-ON IN SECURITISECURITI

    [#UUID-c335252b-261c-bb4f-c134-e461db7e48ca_section-idm23225814591896_body]

    In this section

    1. Obtain configuration data in Securiti[../../configuring-securiti-settings/configuring-single-sign-on/configuring-


    generic-saml-single-sign-on.html#UUID-c335252b-261c-bb4f-c134-e461db7e48ca_section-idm232003767817953]

    2. Configure the identity provider[../../configuring-securiti-settings/configuring-single-sign-on/configuring-generic-


    saml-single-sign-on.html#UUID-c335252b-261c-bb4f-c134-e461db7e48ca_section-idm232003782727334]

    3. Obtain identity provider metadata[../../configuring-securiti-settings/configuring-single-sign-on/configuring-generic-


    saml-single-sign-on.html#UUID-c335252b-261c-bb4f-c134-e461db7e48ca_section-idm232258142536803]

    4. Configure single sign-on in SecuritiSecuriti[../../configuring-securiti-settings/configuring-single-sign-on/configuring-


    generic-saml-single-sign-on.html#UUID-c335252b-261c-bb4f-c134-e461db7e48ca_section-idm23225814591896]

    © 2022 Securiti Last modified: Apr 14, 2022

    You might also like