Rapid7 - SAML My Page SSO Configuration - RSA Ready Implementation Guide
8 months ago

This article describes how to integrate Rapid7 with RSA Cloud Access Service (CAS) using My Page SSO.

    

Configure CAS

Perform these steps to configure CAS using My Page SSO.

Procedure

  1. Sign in to the RSA Cloud Administration Console and browse to Applications > Application Catalog.
  2. Click Create from Template and click Select for SAML Direct.
  3. On the Basic Information page, choose Cloud.
  4. Enter a name for the application and click Next Step.
  5. On the Connection Profile page, navigate to the Initiate SAML Workflow section and choose IdP-initiated.
  6. Under Data Import method, import the metadata file from Rapid7 to populate the Assertion Consumer Service (ACS) URL value and Service Provider Entity ID.
  7. Scroll down to the Identity Provider section and make a note of the Identity Provider URL that is required for the Rapid7 configuration.
  8. Under the Message Protection section, for SAML Response Protection, choose IdP signs assertion within response.
  9. Scroll down to the User Identity section and select the following values:
    1. Identifier Type: emailAddress
    2. Property: mail

  10. Click Next Step.
  11. In the Access Policy section, choose the policy for the application in the drop-down list.
  12. On the Portal Display page, select Display in Portal.
  13. Click Next Step.
  14. Configure the Fulfilment details as per your organization policy.
  15. Locate the application that you created on the My Applications page, click the drop-down arrow next to Edit, and select Export Metadata.
  16. Click Publish Changes.
    Your application is now enabled for SSO.

       

Configure Rapid7

Perform these steps to configure Rapid7.

Procedure

  1. Log on to Rapid7 with the administrator account and browse to Administration > Authentication: 2FA and SSO.
  2. Under AUTHENTICATION, navigate to SAML AUTHENTICATION SOURCE and click CONFIGURE SAML SOURCE.
  3. Under SAML Configuration, click Upload IDP Metadata File to upload the metadata file that was downloaded from RSA.
  4. Click Save to complete the SAML configuration.
  5. To create users on the InsightVM console, navigate to Administration > Users > User Management and click Add user.
  6. Fill in the details on the Add User form. 
    Note that the e-mail address is case sensitive and must match the existing user in RSA.
  7. In the Authorization Method drop-down list, select SAML.
  8. Select the role as Global Admin and save to create the user.

The configuration is complete.