IBM Resilient - SAML Relying Party Configuration - RSA Ready Implementation Guide
2 years ago
This article describes how to integrate RSA with IBM Resilient using SAML Relying Party.
  

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service as Relying Party to IBM Resilient.
Procedure
  1. Sign in to RSA Cloud Administration Console. 
  2. Click Authentication Clients Relying Parties.                                                                                                                                              image.png
  3. On the Relying Party Catalog page, click Add a Relying Party and click Add for Service Provider SAML.                                                  image.png
  4. On the Basic Information page, enter the name for the application in the Name field and click Next Step.                                                  image.png
  5. On the Authentication page, choose SecurID manages all authentication.
  6. Select a Primary Authentication Method and Access Policy as required and click Next Step.                                                               image.png
  7. For providing Service Provider details:
    1. Select Import Metadata and click Choose File.  
    2. Select the file that is downloaded from the Service Provider.
      Refer to the Configure IBM Resilient section to download the metadata.                                                                                          image.png
  8. Review the ACS URL and Service Provider Entity ID values that are auto-filled.                                                                                  image.png
  9. Retain the SP signs SAML requests and Encrypt Assertion checkbox selections.                                                                                 image.png     image.png
  10. In the SAML Response Protection section, choose IdP signs assertion within response.
  11. Download the certificate by clicking Download Certificate.                                                                                                                       image.png
  12. Click Show Advanced Configuration.
  13. Under the User Identity section, configure Identifier Type and Property. For example, Identifier TypeAuto Detect and PropertyAuto Detect.                                                                                                                                                             image.png
  14. Under the Attribute Extension section, add the attributes as shown in the following figure.                                                                       image.png
  15. Click Save and Finish.
  16. On the My Relying Parties page, click the Edit drop-down and select the Metadata option to download the metadata.                      image.png
  17. Click Publish Changes. Your application is now enabled for SSO.                                                                                                            image.png  image.png
 

Configure IBM Resilient

Perform these steps to configure IBM Resilient.
Procedure
  1. Log on to the IBM Resilient terminal using the administrator credentials.
  2. Create a SAML federation by running the following command - sudo resutil samledit -alias <alias_name> -certfile <certfile.pem> -org "<org_name>" -createusers -loginurl <idp_login_url>
    1. alias_name - Provide a unique name for creating a SAML federation. 
    2. certfile.pem - Provide the downloaded certificate from RSA.
    3. org_name - Provide the IBM Resilient SOAR platform organization name.
    4. idp_login_url – The SingleSignOnService value that can be obtained from the metadata file downloaded from RSA.            image.png                                                                                       The preceding command also prints the SAML federation details to the console and writes the following files.                                        <alias>-metadata.xml - SAML XML metadata that can be imported into RSA to complete the configuration.
       <alias>-sp-cert.pem - Service Provider certificate that was automatically generated.                                                                      image.png
  3. Copy <alias>-metadata.xml SAML metadata file by running the following command - cat <alias>-metadata.xml. Copy and save the .xml file that is used to configure RSA.                                                                                                                                                                      image.png
  4. After the SAML in the Identity Provider is configured, check the SAML configuration by running the following command.                           image.png

Example:
image.png

The configuration is complete.
Return to IBM Resilient - RSA Ready Implementation Guide.

Related Articles

Trending Articles

Don't see what you're looking for?