Boomi - SAML Relying Party Configuration - RSA Ready Implementation Guide
2 years ago

This article describes how to integrate RSA with Boomi using SAML Relying Party.

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service as Relying Party to Boomi.
Procedure

  1. Sign in to the RSA Cloud Administration Console.
  2. Navigate to the Authentication Clients menu, and from the dropdown, select Relying Parties.image.png
  3. In the Relying Party Catalog, select Add a Relying Party and click Add for Service Provider SAML.image.png
  4. On the Basic Information page, enter a name for the application in the Name field and click Next Step.image.png
  5. In the Authentication tab, select SecurID manages all authentication.
  6. Select the Primary Authentication Method and Access Policy for Additional Authentication as required and click Next Step.image.png
  7. To provide Service Provider details, select Import Metadata, click the Choose File button, and select the file downloaded from the Service Provider.image.png
Refer to the Boomi configuration section for instructions on obtaining the Boomi metadata file.
  1. Assertion Consumer Service (ACS) URL, Service Provider Entity ID and SP signs SAML requests values will be auto populated.image.pngimage.png
  2. In the SAML Response Protection section, select IdP signs assertion within response, and download the certificate by clicking Download Certificate.image.png
  3. Under the User Identity section, select Show Advanced Configuration, then configure Identifier Type and Property as follows: 
    1. Identifier Type: Auto Detect 
    2. Property: Auto Detect
image.png
  1. Click Save and Finish.
  2. On the My Relying Parties page, click Edit dropdown and select Metadata option to download the metadata.image.png
  3. Click Publish Changes to save your settings. After publishing, your application will be enabled for SSO.image.png

Configure Boomi

Perform these steps to configure Boomi.
Procedure

  1. Log in to Boomi administration console.
  2. Under Settings, click Account Information and Setup.image.png
  3. Under Security Options, select SSO Options.
  4. Provide the following details and click Save.
    1. Click the Enabled radio button to select Enable SAML Single Sign-On.
    2. Identity Provider Certificate: Upload the certificate downloaded from the RSA platform by clicking the Import button. Before uploading, convert the PEM file to a CRT file - refer to the notes for steps.
    3. Identity Provider Sign In URL: The value of SingleSignOnService, obtainable from the metadata file downloaded from the RSA platform.image.png
    4. Federation ID location: Select the Federation ID is in NameID element of the Subject radio button.
    5. Name ID Policy: Select the Transient radio button.
    6. SAML Authentication Context: Select the Password Protected Transport radio button.
    7. SAML Authentication Context Comparison Levels: Select the Exact radio button.
    8. AtomSphere Metadata URL: This field will be auto populated. Copy the URL to obtain Dell Boomi metadata file for RSA configuration.image.png
  5. Navigate to Account Access > User Management under Settings, select the user, and click the edit icon.image.png
  6. Enter the User e-mail address as Federation ID and click OK.image.png

Notes:

  1. To convert the PEM file to a CRT file, follow these steps:
    1. Install the latest version of OpenSSL for Windows.
    2. Open the Windows Command Line.
    3. Navigate to the file path where the file downloaded from the RSA platform is located.
    4. Run the following command: openssl x509 -outform der -in your-cert.pem -out your-cert.crt
    5. Replace your-cert.pem with the name of the file downloaded from the RSA platform.
image.png

The configuration is complete.

Related Articles

Trending Articles

Don't see what you're looking for?