Hub Planner - SAML Relying Party Configuration - RSA Ready SecurID Access Implementation Guide
2 years ago
Originally Published: 2021-08-12

Hub Planner - SAML Relying Party Configuration - RSA Ready SecurID Access Implementation Guide

This section describes how to integrate RSA SecurID Access with Hub Planner using Relying Party. Relying party uses SAML 2.0 to integrate RSA SecurID Access as a SAML Identity Provider (IdP) to Hub Planner SAML Service Provider (SP).

Architecture Diagram

kotlad1_0-1628794512041.png

 

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service as a relying party SAML IdP to Hub Planner .

Procedure

    1. Sign into the RSA Cloud Administration Console and browse to Authentication Clients > Relying Parties and click Add a Relying Party.

      kotlad1_1-1628794564494.png

      kotlad1_2-1628794600290.png

    2. On Basic Information page enter a Name for the application, ie. Hub Planner Then click on Next Step.

    3. On Authentication page

        1. select the RSA SecurID Access manages all authentication

        2. Select the desired Primary Authentication Method from the dropdown list.

        3. Select the desired policy from the Access Policy for Additional Authentication.

        4. Click Next Step

      kotlad1_3-1628794662238.png

    4. On Connection Profile page

        1. Enter the Assertion Consumer Service (ACS) this is the URL for your instance of Hub Planner For example https://rsa44.hubplanner.com/resource/group/605063f36b50cb0b63ddaff4

        2. Enter the Service Provider Entity ID) this is the domain for for your instance of Hub Planner. For example https://rsa44.hubplanner.com/

        3. Click on Download Certificate

        4. Click on Choose File and upload the certificate just downloaded.  This same certificate will be used in the Hub Planner configuration below.

        5. Open Advanced Configuration section and note the Identity Provider Entity ID field . For Example :https://rsa-blr-pe.auth-demo.securid.com/saml-fe/sso

        6. For User Identity set Identifier Type = Email Address and Property = mail

        7. Click on Save and Finish

      kotlad1_4-1628794695350.png

    5. Browse to Authentication Clients > Relying Parties

    6. Scroll down to the your newly created Relying party and click down error next to Edit and choose View or Download IdP MetatData
      kotlad1_5-1628794729594.png

 

  1. Click on Publish Changes. Your application is now enabled for SSO. If you make any additional changes to the application configuration you will need to republish.

    kotlad1_6-1628794769716.png

Configure Hub Planner

Perform these steps to integrate Hub Planner with RSA SecurID Access as a Relying Party SAML SP.

Procedure

  1. Sign into Hub Planner and browse to Settings > Authentication

  2. From SSO Authentication Method select SSO (Single Sign-on)

  3. Use the Identity Provider URL obtained from configuration above for the SAML 2.0 Endpoint URL (HTTP). For example, https://portal.sso.pe.rsa.net/IdPServlet?idp_id=18vYYpevospr2

  4. use the Identity Provider URL obtained from configuration above for the Identity Provider Issuer.

  5. Using the contents of the metadata XML file downloaded above and copy the X.509 certification information between the tags <ds:X509Certificate></ds:X509Certificate> and paste it in the X.509 certificate field.

  6. Click on Save

Configuration is complete.

See main page for more certification information.

Related Articles

Trending Articles

Don't see what you're looking for?