This section describes how to integrate Smartsheet with RSA Cloud Authentication Service using IDR SSO.

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service using IDR SSO.
Procedure

1. Sign into RSA Cloud Administration Console and navigate to Applications > Application Catalog.
2. Search for Smartsheet and click Add to add the connector.
3. On the Basic Information page, choose Identity Router.
4. In the Name field, enter a name for the application and click Next Step.                                                                                                              
5. Navigate to the Initiate SAML Workflow section.
6. Choose IDP-initiated or SP-Initiated as applicable.
7. Verify the default settings in the Connection URL field.                                                                                                   
8. Scroll down to the Identity Provider section.
9. Under the Identity Provider Entity ID section, click Override and enter the connection URL of RSA. 
   1. Identity Provider URL is automatically generated.
   2. Identity Provider Entity ID is automatically generated.
   3. Click Generate Cert Bundle and set a name for your company certificate.
   4. Click Generate and Download.
   5. Click Choose File and upload the private key from the generated certificate bundle.
   6. Click Choose File and upload the cert from the generated certificate bundle. The public certificate in the bundle is used for the Smartsheet configuration.
10. Scroll down to the Service Provider section and enter the following details:
    1. Assertion Consumer Service (ACS) - https://sso.smartsheet.com/SAML2/POST.
    2. Audience (Service Provider Issuer ID) - https://sso.smartsheet.com/saml.  
11. Scroll down to the User Identity section.
12. Verify the settings are correct for your environment. In this example, the username should be presented in email format and the user account will be validated against the User Store selected.                                                                                                                                                       
13. Click Next Step.
14. On the User Access page, select the access policy the identity router will use to determine which users can access the application. 
15. Click Next Step.
16. On the Portal Display page, configure the portal display and other settings.
17. Click Save and Finish.
18. Click Publish Changes.                                                                                                               
19. Perform the following steps only if export metadata is required:
    1. Navigate to Applications > My Applications. 
    2. Locate your Smartsheet application instance in the list and from the Edit option, select Export Metadata. 

Configure Smartsheet

1. Sign into Smartsheet admin console - https://app.smartsheet.com/b/home?mt=57&de=4VPv0jw8zC6Q__h2J5h4VOyAvrwLal-T2Op79az53LA
2. Click Account > Plan & Billing Info. The Account Administration page appears.              
3. In the left pane, click Security Controls.
4. Under Authentication, click Edit.                                                       
5. Select SAML and click edit configuration.                                                                                                                                                                                                          
6. Click Add IdP.                                                                                                                                                                                                                               
7. Add IdP Nickname and paste RSA's metadata in the IdP Metadata field.                 
8. Click Save.
9. On the SAML Administration form, click edit and activate the IdP.                                       
10. In the Account menu, click User Management.                                                      
11. Click Add User.
12. Enter Email, First Name, and Last Name.                                                                                
13. Click OK.