Britive - SAML SSO Agent Configuration - RSA Ready SecurID Access Implementation Guide

Document created by RSA Information Design and Development Employee on May 27, 2020
Version 1Show Document
  • View in full screen mode

This section describes how to integrate RSA SecurID Access with Britive using a SAML SSO Agent.

Architecture Diagram

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service as an SSO Agent SAML IdP to Britive.

Procedure

1. Sign into the RSA Cloud Administration Console and browse to Applications > Application Catalog, search for Britive and click +Add to add the connector.

2. On the Basic Information page, enter a name for the application in the Name field, and click Next Step.

3. In the Initiate SAML Workflow section, in the Connection URL field, enter the Initiate SSO URL obtained from Step 3(c) of Britive configuration.

4. Scroll down to SAML Identity Provider (Issuer) section and perform following steps:

  1. Click Generate Cert Bundle to generate and download a zip file containing the private key and certificate. Unzip the downloaded file to extract the certificate and private key.
  2. Select the first Choose File and upload the RSA SecurID Access private key.
  3. Select the second Choose File and upload the RSA SecurID Access public certificate.

5. In the Service Provider section, do the following:

  1. In the Assertion Consumer Service (ACS) URL field, enter the Assertion Consumer URL obtained from Step 3(a) of Britive configuration.
  2. In the Audience (Service Provider Entity ID) field, enter the Audience/Entity ID value obtained from Step 3(b) of Britive configuration.

6. In the User Identity section, select Email Address from the Identifier Type drop-down list, select the name of your user identity source and select the property value as mail. Click Show Advanced Configuration.

7. Under Attribute Extension section, do the following:

  1. Attribute Source: Select Identity Source from the drop-down list
  2. Attribute Name: Type email
  3. Identity Source: Select the appropriate identity source from the drop-down list
  4. Property: Select mail from the drop-down list

8. Scroll to the bottom of the page and click Next Step.

9. On the User Access page, select the access policy the identity router will use to determine which users can access the Britive service provider. Click Next Step.

10. On the Portal Display page, configure the portal display and other settings. Click Save and Finish.

11. On the My Applications page, click on the drop down icon beside the Edit button of the application configured above and click Export Metadata. The file is downloaded with the name <ApplicationName>-idp-metadata.xml where <ApplicationName> is the name given in Step 2 above. This file needs to be uploaded in Step 4 of Britive configuration.

12. Click Publish Changes in the top left corner of the page, and wait for the operation to complete.

 

Configure Britive

Perform these steps to integrate Britive with RSA SecurID Access as a SAML SSO Agent.

Procedure

1. Login to Britive application with administrator privileges and navigate to Admin > User Administration > Identity Providers > Add Identity Provider.

2. Enter a suitable name and a description. Then click Add Identity Provider.

3. Select SSO Configuration and do the following:

  1. Copy the Assertion Consumer URL. This URL needs to be entered in Step 5(a) of RSA Cloud Authentication Service configuration.
  2. Copy the Audience/Entity ID. This value needs to be entered in Step 5(b) of RSA Cloud Authentication Service configuration.
  3. Copy the Initiate SSO URL. This URL needs to be entered in Step 3 of RSA Cloud Authentication Service configuration.

4. Under SSO configuration, click on Upload SAML Metadata then browse and upload the "<ApplicationName>-idp-metadata.xml" file downloaded in Step 11 of RSA Cloud Authentication Service configuration.

 

Configuration is complete.

Return to the main page for more certification related information.

 
You are here
Britive - SAML SSO Agent Configuration - RSA Ready SecurID Access Implementation Guide

Attachments

    Outcomes