BigID - SAML My Page SSO Configuration - RSA Ready Implementation Guide
2 years ago
This article describes how to integrate BigID with RSA Cloud Authentication Service using My Page SSO.

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service using My Page SSO.
Procedure
  1. Enable My Page SSO by accessing the RSA Cloud Admin Console > Access > My Page > Single Sign-On (SSO). Ensure it is enabled and protected using two-factor authentication - Password and Access Policy.image.png
  2. On the Applications > Application Catalog page, click on Create From Template.image.png
  3. On the Choose Connector Template page, click Select for SAML Direct.image.png
  4. On the Basic Information page, enter a name for the configuration in the Name field and click Next Step.image.png
  5. In the Connection Profile section, select IdP-initiated option.image.png
  6. Provide the Service Provider details in the following format: 
    1. Assertion Consumer Service (ACS) URL: https://<Tenant ID>. Mybigid.com/api/v1/saml/login/callback.
    2. Service Provider Entity ID: <BigId Entity ID>
Note: A Unique Tenant ID will be provided for your instance from BigID.
image.png
Refer to the Notes section for instructions to obtain Entity ID.
  1. In the SAML Response Protection section, select IdP signs assertion within response.
  2. Download the certificate by clicking Download Certificate.image.png
  3. Under the User Identity section, select Show Advanced Configuration, then configure Identifier Type and Property as follows:
    1. Identifier Type: Auto Detect
    2. Property: Auto Detect
image.png
  1. Under the Statement Attributes section. add the attributes from BigID as shown in the following figure.
image.png
   
Note: Refer to the BigID configuration section for mapping the attributes.
  1. Click Next Step.
  2. Choose your desired Access Policy for this application and click Next Step > Save and Finish.image.png
  3. On the My Applications page click the Edit dropdown and select Export Metadata to download the metadata.image.png
  4. Click Publish Changes to save your settings. After publishing, your application will be enabled for SSO.image.pngimage.png

Notes

  • Entity ID can be found under SAML Settings in BigID platform.image.png
  • RSA Platform users must be part of a Group Membership that matches the SAML values specified in the BigID configuration (see the BigID configuration section).image.png

Configure BigID

Perform these steps to configure BigID.
Procedure
  1. Log in to BigID with admin credentials.
  2. Click Settings and select Access Management.image.png
  3. Click the IdP tab and check the Enabled box under SAML Settings.image.png
  4. Provide the following details:
    1. Entity ID – Enter unique Name or ID.
    2. Select Upload XML and click Select File or Drop and upload the metadata file downloaded from the RSA platform.
    3. Click on TEST CONNECTION to test the configuration.image.png
Refer Configure RSA section for the instructions on how to obtain metadata.
  1. Under the Configure User Attributes section add the following attributes under the Token Attribute section.image.png
  2. Under the Configure Role Groups section, configure the roles and groups as required:
    1. Token Attribute: Role (Custom value)
    2. SAML Values: Admin (Custom value)
image.png
 
  1. Click Save.
image.png
 
The configuration is complete.
Return to BigID - RSA Ready Implementation Guide

Related Articles

Trending Articles

Don't see what you're looking for?