Damstra Learning Management - SAML My Page SSO Configuration - RSA Ready Implementation Guide
2 years ago
This article describes how to integrate Damstra Learning Management with RSA Cloud Authentication Service using My Page SSO.

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service using My Page SSO.
Procedure
  1. Enable My Page SSO by accessing the RSA Cloud Administration Console > Access > My Page > Single Sign-On (SSO). Ensure it is enabled and protected using two-factor authentication - Password and Access Policy.                                                                                     image.png
  2. On the Applications > Application Catalog page, click Create From Template.                                                                               image.png
  3. Click Select for SAML Direct.                                                                                                                                                                    image.png
  4. On the Basic Information page, enter a name for the configuration in the Name field and click Next Step.                                          image.png
  5. On the Connection Profile page, click the IdP-initiated option.                                                                                                           image.png
  6. Provide the Service Provider details in the following format: 
    1. ACS URL: https://auth.velpic.com/saml/v2/<Account Id>/login 
    2. Service Provider Entity ID: https://auth.velpic.com/saml/v2/<Account Id>/login. 
      Refer to the Configure Damstra Learning Management section to obtain <Account Id>.                                                    image.png
  7. In the SAML Response Protection section, choose IdP signs assertion within response
  8. Download the certificate by clicking Download Certificate.                                                                                                                     image.png
  9. Click Show Advanced Configuration.
  10. Under the User Identity section, configure Identifier Type and Property. For example, Identifier TypeAuto Detect and PropertyAuto Detect.                                                                                                                                                       image.png
  11. Add the following Statement Attributes
    1. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname  - sn
    2. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name - userName 
    3. http://schemas.xmlsoap.org/ws/2005/05/idxntity/claims/givenname - givenName
    4. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress - mail                                                                                    image.png
  12. Click Next Step.
  13. Choose your desired Access Policy for this application and click Next Step > Save and Finish.                                                           image.png
  14. On the My Applications page, click the Edit drop-down icon and select Export Metadata to download the metadata.                    image.png
  15. Click Publish Changes. Your application is now enabled for SSO.                                                                                                      image.png  image.png

Configure Damstra Learning Management.

Perform these steps to configure Damstra Learning Management.
Procedure
  1. Log on to Damstra Learning Management.
  2. Navigate to Admin > Integration > Plugins.                                                                                                                                                 image.png
  3. Click Add Plugin.                                                                                                                                                                                    image.png
  4. Click SAML 2.0.                                                                                                                                                                                      image.png
  5. Enter the Service Name: Name of the Identity Provider and click Add.                                                                                                image.png
  6. Enter the following details and click Save.
    1. Name: The Identity Provider name that is auto-filled.
    2. Single sign on URL: Copy the <Account Id> value to construct ACS URL and Entity ID.
    3. Issuer URL: The SingleSignOnService value that can be obtained from the metadata file downloaded from RSA.
    4. Provider Metadata Config: Upload the metadata file downloaded from RSA.
    5. (Optional) Select Enabled for Auto create new users if you want to enable Just in Time (JIT) Provisioning.                    image.png
The configuration is complete.
Return toDamstra Learning Management - RSA Ready Implementation Guide.

Related Articles

Trending Articles

Don't see what you're looking for?