Setup Checklist for a New Deployment with the SSO Agent

Document created by RSA Information Design and Development on Jul 14, 2016Last modified by RSA Information Design and Development on Feb 9, 2018
Version 24Show Document
  • View in full screen mode

Use this checklist if you are setting up an identity router for the first time and want to enable the SSO Agent. In the Cloud Administration Console, the dashboard walks you through configuring the necessary components. The following table lists the required high-level steps.

High-Level Task Reference
1. Plan your product deployment. RSA SecurID Access Cloud Authentication Service Planning Guide
2. Configure the protected domain name, provide Secure Sockets Layer (SSL) private keys and certificates to protect the RSA SecurID Access Application Portal, and change your company ID.Configure Company Information and Certificates

3. Use the dashboard in the Cloud Administration Console to progress through the configuration steps.

  • Install and configure the identity router.
  • Configure a cluster to enable the SSO Agent on all identity routers.
  • Connect your LDAP directory server to your deployment.
  • Add protected web applications.

Deploying an Identity Router

Add a Cluster

Identity Sources for the Cloud Authentication Service

Add an Identity Source for the Cloud Authentication Service

Choosing a Connection Method to Add an SSO Agent Application

4. Configure the standard web application portal for end users.

User Application Portal

Configure the Standard Web Application Portal

5. Confirm the authentication methods within each assurance level.

Assurance Levels

Configure Assurance Levels

6. Set up policies to control user access to web applications.

Access Policies

Add an Access Policy

7. (Optional) Set up Integrated Windows Authentication (IWA) to provide a streamlined single sign-on experience for users who log on from within your corporate domain.

Integrated Windows Authentication

Deploying Integrated Windows Authentication

8. (Optional) Add authentication sources to automate the use of configured identity providers (IdPs).

Authentication Sources

Add an Authentication Source

9. (Optional) To use SecurID Token as an authentication method, you must configure the Cloud Authentication Service to connect to RSA Authentication Manager. Integrating RSA Authentication Manager with the Cloud Authentication Service
10. Roll out the product to end users, instructing users to download the app and test authentication.

RSA SecurID Access Rollout to Users



You are here
Table of Contents > RSA SecurID Access Product Overview > Setup Checklist for a New Deployment with the SSO Agent