Configure the RSA Cloud Authentication Service

1. Sign in to the RSA Cloud Administration Console with Administrator credentials.
2. Click Authentication Clients > Relying Parties on the menu at the top of the screen.
3. Click Add a Relying Party.  
4. In the Relying Party Catalog, click Add corresponding to Service Provider SAML. 
5. On the Basic Information page, enter the name for the application in the Name field and click Next Step.
6. On the Authentication page, choose SecurID manages all authentication.
7. Select a Primary Authentication Method and Access Policy as required and click Next Step.
8. Enter the Service Provider details ACS URL and Service Provider Entity ID.
   See the SolarWinds Observability configuration section below for instructions on how to obtain the ACS URL and Entity ID.
9. In the SAML Response Protection section, choose IdP signs assertion within response.
10. Click Download Certificate to download the certificate.
11. Click Show Advanced Configuration and configure Identifier Type and Property under the User Identity section as "Auto Detect" as shown in the following screenshot.
12. Click Save and Finish.
13. Go to the My Relying Parties page and choose Metadata from the Edit dropdown menu to download the metadata.
14. Click Publish Changes. After publishing, your application is now enabled for SSO.

Configure SolarWinds Observability

1. Log in to SolarWinds Observability (https://my.na-01.cloud.solarwinds.com) as an administrator.
2. Go to Settings.
3. Go to Security > SAML.
4. Toggle the Enable SAML Integration button.
5. Copy the SolarWinds Observability Entity ID and ACS URL.
6. Provide the required Identity Provider Information as follows:
   Issuer (Entity ID): The value of Entity ID, obtainable from the metadata file downloaded from RSA.
   SAML URL: The value of SingleSignOnService, obtainable from the metadata file downloaded from RSA.
   Identity Provider Certificate: Copy and paste the certificate downloaded from RSA.
7. Click Save.