Recognize - SAML Relying Party Configuration - SecurID Access Implementation Guide
2 years ago
Originally Published: 2021-08-30

Recognize - SAML Relying Party Configuration - SecurID Access Implementation Guide

This section describes how to integrate SecurID Access with Recognize using Relying Party. Relying party uses SAML 2.0 to integrate SecurID Access as a SAML Identity Provider (IdP) to Recognize SAML Service Provider (SP).

Architecture Diagram

Admin_Dharani_0-1630334890069.png

 

Configure SecurID Access Cloud Authentication Service

Perform these steps to configure SecurID Access Cloud Authentication Service as a relying party SAML IdP to Recognize .

Procedure

  1. Sign into the Cloud Administration Console and browse to Authentication Clients > Relying Parties and click Add a Relying Party.

    Admin_Dharani_1-1630334924109.png

     

    Admin_Dharani_2-1630334952997.png

     

  2. On Basic Information page enter a Name for the application, ie. Recognize Then click on Next Step.

  3. On Authentication page

    1. select the RSA SecurID Access manages all authentication

    2. Select the desired Primary Authentication Method from the dropdown list.

    3. Select the desired policy from the Access Policy for Additional Authentication.

    4. Click Next Step

      Admin_Dharani_3-1630334988797.png

       

  4. On Connection Profile page

    1. Enter the Assertion Consumer Service (ACS) From the Recognize configuration below for ACS(Consumer) URL For example: https://recognizeapp.com/rsa.com/saml/acs.

    2. Enter the Service Provider Entity ID From the Recognize configuration below for Service Provider Metadata url. For example: https://recognizeapp.com/rsa.com/saml/metadata.

    3. Open Advanced Configuration section.

    4. Add Attribute Name = email address and Property = mail

    5. Note the Entity ID for the Identity Provider this is needed below for the Recognize configuration

    6. Click on Save and Finish

      Admin_Dharani_4-1630335020461.png

       

  5. Browse to Authentication Clients > Relying Parties

  6. Scroll down to the your newly created Relying party and click down error next to Edit and choose View or Download IdP MetatData

    Admin_Dharani_5-1630335059924.png

     

  7. Click on Publish Changes. Your application is now enabled for SSO. If you make any additional changes to the application configuration you will need to republish.

    Admin_Dharani_6-1630335098030.png

     

 

Configure Recognize

Perform these steps to integrate Recognize with SecurID Access as a Relying Party SAML SP.

Procedure

  1. Sign into Recognize and browse to Settings > SSO.

  2. For Entity ID enter the Issuer Entity ID from SecurID Access CAS noted above.

  3. For SSO Target URL enter the Identity Provider URL from CAS noted above.

  4. For SLO Target URL enter the Identity Provider URL from CAS noted above.

  5. For Certificate use the contents of the metadata XML file downloaded above and copy the X.509 certification information between the tags <ds:X509Certificate></ds:X509Certificate> and paste it in the IDP Certificate field.

  6. Note the Service Provider Metadata url value it will be used in the CAS configuration above for Audience.

  7. Note the ACS(Consumer) URL value it will be used in the CAS configuration above for the ACS.

  8. Save changes.

Configuration is complete.

Next Step: See main page for more certification information.

Related Articles

Trending Articles

Don't see what you're looking for?