Federated Directory - SAML My Page SSO Configuration RSA Ready Implementation Guide
2 years ago
Originally Published: 2023-07-11

This section describes how to integrate Federated Directory with RSA Cloud Authentication Service using My Page SSO.

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service using My Page SSO.

Procedure

  1. Enable My Page SSO by accessing the RSA Cloud Administration Console > Access > My Page > Single Sign-On (SSO).
    Ensure it is enabled and protected using two-factor authentication - Password and Access Policy.
  2. On the Applications Application Catalog page, click Create from Template.
  3. Select SAML Direct.
  4. Choose Cloud in the Basic Information section, and click Next Step.
    Saneesh_8-1686120262196.png
  5. In the Connection Profile section, click the IDP-initiated option.
    Saneesh_9-1686120286592.png
  6. Fill the Service Provider details in the following format:
    1. ACS URLhttps://api.federated.directory/v2/Login/Saml2/<Directory ID>/Acs
    2. Service Provider Entity ID: federated.directory/<Directory ID>
      Saneesh_10-1686120383591.png
  7. In the SAML Response Protection section, select IdP signs assertion within response.
  8. Select Override default signing key and certificate.
  9. Click Generate Cert Bundle or use your own certificates and perform the following steps:
    1. Select Choose File and upload the private key.
    2. Select Choose File to import the public signing certificate.

    Saneesh_11-1686120483348.png
  10. Select Show Advanced Configuration, and under the User Identity section, select the Property type and Property value.
    Saneesh_12-1686120504785.png
  11. Click Next Step.
  12. Choose your desired Access Policy for this application and click Next Step > Save and Finish.
  13. Click Publish Changes.
    Saneesh_13-1686120528921.png

Configure Federated Directory

Perform these steps to configure Federated Directory.

Procedure

  1. Log on to your Federated Directory account.
  2. Navigate to Directories, then click CREATE DIRECTORY.
    Saneesh_0-1690523555946.png
  3. Provide your new directory a name and a short description, then click CREATE DIRECTORY.
  4. Go to the Settings tab and copy the Id value. This value will be used in the ACS URL which will be added in RSA.
  5. Select the options of Federated Directory Accounts and SAML.
    1. Provide the value of IdP entity id generated in RSA and paste it on the Login URL.
    2. Paste the certificate value copied from the certificate generated (Step 9 of the previous section). Remove the begin certificate and end certificate comment before pasting.
      Saneesh_1-1690523707155.png

Notes

User creation for testing requires selecting the option of Federated Directory accounts. For creating the user, perform the following steps. 

  1. Go to the Users tab and click CREATE USER.
    Saneesh_2-1690523792593.png
  2. Set the same password as in RSA for testing purposes.

To test the SP initiated flow, go to https://www.federated.directory/of/<your-company-name>

 

 

Configuration is complete.

Return to main page.

Related Articles

Trending Articles

Don't see what you're looking for?