Configure RSA Cloud Authentication Service

1. Sign in to the RSA Cloud Administration Console.
2. Navigate to the Authentication Clients menu and select Relying Parties.
3. In the Relying Party Catalog, select Add a Relying Party and click Add for Service Provider SAML.
4. On the Basic Information page, enter a name for the application in the Name field and click Next Step.
5. In the Authentication tab, select SecurID manages all authentication.
6. Select the Primary Authentication Method and Access Policy as required and click Next Step.
7. Provide the Service Provider details in the following format: 
   1. Assertion Consumer Service (ACS) URL: https://accounts.zoho.in/signin/samlsp/<application Id >  
   2. Service Provider Entity ID: <Zoho.in>

8. In the SAML Response Protection section, select IdP signs assertion within response.
9. Download the certificate by clicking Download Certificate.
10. Under the User Identity section, select Show Advanced Configuration, then configure Identifier Type and Property as follows:
    1. Identifier Type: Auto Detect
    2. Property: Auto Detect

11. Click Save and Finish.
12. On the My Relying Parties page, click Edit dropdown and select Metadata option to download the metadata.
13. Click Publish Changes to save your settings. After publishing, your application will be enabled for SSO.

Configure Zoho Directory

1. Log in to Zoho Directory with admin credentials.
2. Navigate to Security > Custom Authentication then click Add Identity Provider.
3. Provide the details for Display Name and Choose Groups.
4. Select SAML radio button and copy the ACS URL.
5. Provide the mandatory details and click Save.
   1. Sign-in URL – The value of SingleSignOnService URL, obtainable from the metadata file downloaded from the RSA platform.
   2. Verification Certificate - Upload the certificate downloaded from the RSA platform.