1Password - My Page SSO Configuration Using OIDC - RSA Ready Implementation Guide
2 years ago
This article describes how to integrate 1Password with RSA Cloud Authentication Service using My Page SSO (OIDC).

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service using My Page SSO (OIDC).
Procedure
  1. Sign in to RSA Cloud Administration Console.
  2. Enable SSO on My Page by accessing the RSA Cloud Administration Console > Access > My Page > Single Sign-On (SSO).
  3. Enable two-factor authentication by using Password and Access Policy.
  4. Navigate to Applications > My Applications > Add an Application, and click Create From Template.
  5. Click Select next to OIDC.
  6. On the Basic Information page, enter the name for the application in the Name field.
  7. Click Next Step.
  8. Choose the required option on the Authentication page and click Next Step.
  9. Under Connection Profile, provide the following details:
    1. Authorization Server Issuer URL is auto-populated. 
    2. Redirect URL is obtained from 1Password (see next section).
    3. Copy and paste the Redirect URL to Connection URL.
    4. Provide a Client ID. It will be used for the 1Password configuration.
    5. Retain the Client Authentication Method as the default value, Not Selected.
    6. Provide the following scopes: openid, profile, and email. (Scopes should be added in advance. See Notes.)
    7. Provide the following claims: sub, name, and email. (Claims should be added beforehand. See Notes.)
    8. Click Next Step.
  10. Click Save and Finish.
  11. Click Publish Changes.

Notes

  1. To add scopes, click Access > OIDC Settings.
  2. Click the Scopes tab and add the following scopes.
  3. Click Save Settings.
  4. To add claims, click the Claims tab and add the following claims.
  5. Click Save Settings.
  6. Click Publish Changes.

Configure 1Password

Perform these steps to configure 1Password.
Procedure
  1. Sign in to 1Password admin console.
  2. In the right pane, click Policies, and then click Configure Identity Provider.
  3. Select Other in the Identity Provider drop-down list and provide a valid name. 
  4. Provide the following details from the configuration done on RSA Cloud Administration Console.
    1. Client ID: Client ID name given in the connector configuration on the RSA side.
    2. Well-known URL: Use the following URL. 
      https://<your RSA tenant>/sso/oidc/.well-known/openid-configuration
  5. Copy the Redirect URL and paste it into the connector created.
  6. Save and publish the connector before proceeding to the next step.
  7. Click Test Connection to verify the configuration. The user is redirected to RSA, where the user's details need to be provided. (This user should be configured on the RSA side.) The connection should be successful.
  8. Save the configuration.

The configuration is complete.
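
A pre-flight check for the Well-known URL used above, useful before clicking Test Connection; this is an added example, not part of RSA's or 1Password's own material. It assumes the tenant's discovery document follows OpenID Connect Discovery 1.0 (issuer equal to the Well-known URL minus its suffix, with the optional `scopes_supported` and `claims_supported` lists), and the `tenant.example` host and endpoint paths in the sample are constructed.

```python
import json
from urllib.parse import urlsplit

SUFFIX = "/.well-known/openid-configuration"
REQUIRED_SCOPES = {"openid", "profile", "email"}  # scopes from the Connection Profile step
REQUIRED_CLAIMS = {"sub", "name", "email"}        # claims from the Connection Profile step
ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri")


def check_discovery(well_known_url, doc):
    """Return a list of findings; an empty list means every check passed."""
    if not well_known_url.endswith(SUFFIX):
        return [f"well-known URL must end with {SUFFIX}"]
    findings = []
    expected_issuer = well_known_url[: -len(SUFFIX)]
    # OIDC Discovery: the issuer in the document must equal the URL it was fetched under.
    if doc.get("issuer") != expected_issuer:
        findings.append(f"issuer {doc.get('issuer')!r} != {expected_issuer!r}")
    for key in ENDPOINTS:
        value = doc.get(key)
        if not value:
            findings.append(f"{key} missing")
        elif urlsplit(value).scheme != "https":
            findings.append(f"{key} is not https: {value}")
    for field, required in (("scopes_supported", REQUIRED_SCOPES),
                            ("claims_supported", REQUIRED_CLAIMS)):
        if field not in doc:
            # Both lists are optional in the spec, so absence is reported, not assumed OK.
            findings.append(f"{field} not advertised; verify in OIDC Settings")
            continue
        missing = sorted(required - set(doc[field]))
        if missing:
            findings.append(f"{field} lacks {', '.join(missing)}")
    return findings


# Constructed sample (not a real tenant): 'email' scope and 'name' claim were never added.
SAMPLE_URL = "https://tenant.example/sso/oidc" + SUFFIX
SAMPLE_DOC = json.loads("""{
  "issuer": "https://tenant.example/sso/oidc",
  "authorization_endpoint": "https://tenant.example/sso/oidc/authorize",
  "token_endpoint": "https://tenant.example/sso/oidc/token",
  "jwks_uri": "http://tenant.example/sso/oidc/jwks",
  "scopes_supported": ["openid", "profile"],
  "claims_supported": ["sub", "email"]
}""")

if __name__ == "__main__":
    for finding in check_discovery(SAMPLE_URL, SAMPLE_DOC):
        print("FINDING:", finding)
```

To check a real tenant, pass the JSON fetched from its Well-known URL as `doc`; a missing scope or claim points back to the Notes section (Access > OIDC Settings, then Publish Changes).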