Mulesoft Anypoint Platform - SAML Relying Party Configuration - RSA Ready Implementation Guide
2 years ago
This article describes how to integrate RSA with Mulesoft Anypoint Platform using SAML Relying Party.

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service as Relying Party to Mulesoft Anypoint Platform.
Procedure
  1. Sign in to the RSA Cloud Administration Console.
  2. Navigate to the Authentication Clients menu, and from the dropdown, select Relying Parties.
  3. In the Relying Party Catalog, select Add a Relying Party and click Add for Service Provider SAML.
  4. On the Basic Information page, enter a name for the application in the Name field and click Next Step.
  5. In the Authentication tab, select SecurID manages all authentication.
  6. Select the Primary Authentication Method and Access Policy for Additional Authentication as required and click Next Step.
  7. To provide Service Provider details, select Import Metadata and click the Choose File button. Then, select the file downloaded from the Service Provider.
     See the Notes section for instructions on how to obtain the Metadata file.
  8. Assertion Consumer Service (ACS) URL and Service Provider Entity ID values will be auto filled.
  9. Under the Message Protection section, check the SP signs SAML requests checkbox. Then, click on Choose File to upload the certificate obtained from the MuleSoft Anypoint platform.
  10. In the SAML Response Protection section, select IdP signs entire SAML response.
  11. Download the certificate by clicking on Download Certificate.
  12. Under the User Identity section, select Show Advanced Configuration, then configure Identifier Type and Property as follows:
    1. Identifier Type: unspecified
    2. Property: mail
  13. Under Statement Attributes add the following attributes:
    1. Attribute Name: email
    2. Attribute Source: Identity Source
    3. Property: mail
  14. Click Save and Finish.
  15. On the My Relying Parties page, click the Edit dropdown and select Metadata option to download the metadata.
  16. Click Publish Changes to save your settings. After publishing, your application will be enabled for SSO.

Notes:

To obtain Anypoint Platform metadata do the following:
  1. Click the SAML configuration that was configured in Anypoint platform.
     Note: The metadata link will only be generated after configuring SAML in Anypoint Platform.
  2. Under the Configuration tab, click on Anypoint service provider metadata link to download the metadata file.
  3. While importing Mulesoft Anypoint Platform metadata into the RSA platform, the Encrypt Assertion checkbox will be auto populated. Untick the checkbox.
  4. To download the Mulesoft Anypoint certificate, select Anypoint Keys, then click on the download button to download the MuleSoft Anypoint Platform certificate.

Configure Mulesoft Anypoint Platform

Perform these steps to configure Mulesoft Anypoint Platform.
Procedure
  1. Log in to Mulesoft Anypoint Platform with admin credentials.
  2. Click on Access Management.
  3. Click on Identity Providers, then click Add Identity Provider, and select SAML 2.0.
  4. Provide the following details:
    1. Import IdP Metadata: Upload the metadata file downloaded from the RSA platform.
    2. Name: Provide a unique name.
  5. Provide the Audience value and click Save Changes.
    1. Audience - <organization domain>.anypoint.mulesoft.com
     See the Notes section on how to obtain the organization domain.

Notes

To obtain organization domain do the following:
  1. Click on your profile icon at the top right corner and select Profile.
  2. Under the Settings section, you can find the organization domain.
The configuration is complete.
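
To confirm that a test sign-in reflects the settings chosen above, the following added example (not RSA or MuleSoft code) checks a captured, base64-decoded SAML response for a signature on the Response element, an unencrypted assertion, an unspecified NameID, the Audience value, and the email attribute. The sample response, the example-org domain, the mapping of "unspecified" to the standard SAML URI, and the assumption that the assertion's Audience carries the value entered in Anypoint are all assumptions of this example.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
# Assumption: "unspecified" in the console maps to the standard SAML URI.
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
# Constructed sample (signature body elided); "example-org" is a placeholder domain.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <ds:Signature/>
 <saml:Assertion>
  <saml:Subject><saml:NameID Format="%s">jdoe@example.com</saml:NameID></saml:Subject>
  <saml:Conditions><saml:AudienceRestriction>
   <saml:Audience>example-org.anypoint.mulesoft.com</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
  <saml:AttributeStatement><saml:Attribute Name="email">
   <saml:AttributeValue>jdoe@example.com</saml:AttributeValue></saml:Attribute></saml:AttributeStatement>
 </saml:Assertion>
</samlp:Response>""" % UNSPECIFIED

def check_response(xml_text, expected_audience):
    """List mismatches with this guide's settings. Structural only: no signature verification."""
    if "<!DOCTYPE" in xml_text:
        return ["DOCTYPE present; refusing to parse"]
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}Response" % NS["samlp"]:
        return ["root element is not samlp:Response"]
    problems = []
    # "IdP signs entire SAML response": ds:Signature is a direct child of Response.
    if root.find("ds:Signature", NS) is None:
        problems.append("Response element carries no signature")
    # Encrypt Assertion was unticked, so a plain Assertion is expected.
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return problems + ["no unencrypted Assertion found"]
    name_id = assertion.find("saml:Subject/saml:NameID", NS)
    if name_id is None or name_id.get("Format", UNSPECIFIED) != UNSPECIFIED:
        problems.append("NameID missing or Format is not unspecified")
    audiences = [a.text for a in assertion.iterfind(".//saml:Audience", NS)]
    if expected_audience not in audiences:
        problems.append("Audience %s not in %s" % (expected_audience, audiences))
    values = assertion.iterfind("saml:AttributeStatement/saml:Attribute[@Name='email']/saml:AttributeValue", NS)
    if not any((v.text or "").strip() for v in values):
        problems.append("email attribute missing or empty")
    return problems

if __name__ == "__main__":
    print(check_response(SAMPLE, "example-org.anypoint.mulesoft.com") or "matches the guide's settings")
```

An empty list means the response matches the settings in this guide; the signature itself must still be validated by the service provider against the certificate downloaded from RSA.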