Sumologic - Relying Party Configuration - RSA Ready SecurID Access Implementation Guide

This section describes how to integrate RSA SecurID Access with Sumologic using a relying party. The relying party uses SAML 2.0 to integrate RSA SecurID Access as a SAML Identity Provider (IdP) with the Sumologic SAML Service Provider (SP).

Architecture Diagram

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service as a relying party SAML IdP to Sumologic.

Procedure

  1. Sign into the RSA Cloud Administration Console, browse to Authentication Clients > Relying Parties, and click Add a Relying Party.
  2. Click the Add a Relying Party button on the My Relying Parties page.
  3. From the Relying Party Catalog, select the +Add button for Service Provider SAML.
  4. Enter a Name for the Service Provider in the Name field on the Basic Information page.
  5. Click the Next Step button.
  6. On the Authentication page, select RSA SecurID Access manages all authentication.
  7. Select your access policy from the Access Policy for Additional Authentication drop-down menu.
  8. Select Next Step.
  9. In the Service Provider Metadata section of the Connection Profile page, enter the following information:
    1. Assertion Consumer Service (ACS) URL - Enter the Assertion Consumer URL from Step 7 of the Configure SAML in Sumologic section.
    2. Service Provider Entity ID - Enter the Entity ID from Step 7 of the Configure SAML in Sumologic section.
  10. Select Default Service Provider Entity ID in the Audience for SAML Response section.
  11. Click Show Advanced Configuration and configure User Identity with the following values:
    1. Identifier Type: Auto Detect
    2. Property: Auto Detect
  12. Click Download Certificate and save the certificate. This certificate is required in the Configure SAML in Sumologic section.
  13. In the Attribute Extension section, click the +Add button and add the following two attributes:
    a. Attribute Name: lastName, Identity Source: your identity source, Property: sn
    b. Attribute Name: firstName, Identity Source: your identity source, Property: givenName
  14. Click Save and Finish.
  15. Click Publish Changes.
  16. Navigate to Authentication Clients > Relying Parties, locate Sumologic in the list, select View or Download IdP Metadata from the Edit option, and note the entityID. This value is required in the Configure SAML in Sumologic section.


Configure SAML in Sumologic

Perform these steps to configure Sumologic as a Relying Party SAML SP to RSA Cloud Authentication Service.

Procedure

  1. Log in to your Sumologic account using administrative credentials.
  2. Navigate to Administration > Security.
  3. On the Security page, click the SAML tab.
  4. Click the Add Configuration button.
  5. On the Add Configuration page, enter the following values:
    1. Configuration Name: Enter a name for the configuration.
    2. Issuer: Enter the Issuer entityID from the Configure RSA Cloud Authentication Service section.
    3. X.509 Certificate: Enter the content of the certificate downloaded in the Configure RSA Cloud Authentication Service section.
    4. Attribute Mapping: Select Use SAML Subject.
    5. Optional Settings: Check SP initiated Login Configuration.
      1. Authn Request URL: Enter the entityID from the Configure RSA Cloud Authentication Service section.
      2. Select Disable Requested Authentication Context.
      3. Binding Type: Select Post.
  6. Click Save.
  7. Click the configuration row created above; the SP configuration should be visible. These configuration values are required in the Configure RSA Cloud Authentication Service section.
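The Issuer and X.509 Certificate values entered on the Add Configuration page can be checked against the IdP metadata downloaded from the RSA console before they are saved. The script below is an added example, not part of the RSA guide or either product: the function names, the entityID and the certificate bytes are constructed for illustration, and it compares SHA-256 fingerprints of the raw bytes without parsing the certificate.

```python
import base64
import hashlib
import re
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample data: placeholder bytes and a made-up entityID, not a real certificate.
SAMPLE_B64 = base64.b64encode(b"constructed-placeholder-certificate-bytes").decode()
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{SAMPLE_B64}\n-----END CERTIFICATE-----\n"
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://idp.example.test/saml"><md:IDPSSODescriptor
    protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
    <ds:X509Certificate>{SAMPLE_B64}</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
</md:IDPSSODescriptor></md:EntityDescriptor>"""

def cert_fingerprint(text):
    """SHA-256 of the DER bytes held in a PEM file body or a bare base64 blob."""
    body = re.sub(r"-----(BEGIN|END) CERTIFICATE-----", "", text)
    der = base64.b64decode("".join(body.split()), validate=True)
    return hashlib.sha256(der).hexdigest()

def idp_values(metadata_xml):
    """Return (entityID, set of signing-certificate fingerprints) from IdP metadata."""
    root = ET.fromstring(metadata_xml)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        raise ValueError("not a SAML EntityDescriptor")
    prints = set()
    for kd in root.findall("md:IDPSSODescriptor/md:KeyDescriptor", NS):
        if kd.get("use", "signing") != "signing":
            continue  # encryption-only keys do not sign assertions
        for cert in kd.findall(".//ds:X509Certificate", NS):
            prints.add(cert_fingerprint(cert.text or ""))
    return root.get("entityID"), prints

def check_sumologic_inputs(metadata_xml, issuer, cert_pem):
    """List mismatches between the values to paste into Sumologic and the metadata."""
    entity_id, prints = idp_values(metadata_xml)
    problems = []
    if issuer != entity_id:  # exact string match, trailing slashes included
        problems.append("Issuer does not match metadata entityID")
    if cert_fingerprint(cert_pem) not in prints:
        problems.append("certificate is not a signing key in the metadata")
    return problems

if __name__ == "__main__":
    print(check_sumologic_inputs(SAMPLE_METADATA, "https://idp.example.test/saml", SAMPLE_PEM))
```

An empty list means both values agree with the metadata; each string in a non-empty list names the field to correct before saving.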

Configuration is complete.
