This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Integrations

Relying Party Configuration - Teem RSA Ready SecurID Access Implementation Guide

This section contains instructions on how to integrate RSA SecurID Access with Teem using Relying Party. Relying party uses SAML 2.0 to integrate RSA SecurID Access as a SAML Identity Provider (IdP) to Teem SAML Service Provider (SP).

Architecture Diagram

arch-diag-rp-saml_624x403.png

RSA Cloud Authentication Service

Follow the steps in this section to configure RSA Cloud Authentication Service as a Relying Party SAML IdP to Teem .

Procedure

1. Logon to the RSA Cloud Administrative Console and browse to Authentication Clients > Relying Parties and click Add a Relying Party.

2. Browse to Authentication Clients > Relying Parties and click Add a Relying Party.

rely-1.png

3. Click the Add a Relying Party button on the My Relying Parties page.

rely-4.png

4. From the Relying Party Catalog select the +Add button for Service Provider SAML.

rely-5.png

5. Enter a name for the Service Provider in the Name field on the Basic Information page.

6. Click the Next Step button.

7. On the Authentication page, select RSA SecurID Access manages all authentication.

8. From the Primary Authentication Method pulldown, select your desired login method either Password or SecurID.

9. From the Access Policy pulldown select a policy that was previously configured.

rely-10.png

10. Select Next Step.

11. Select Enter Manually.

rely-11.png

12. Enter the Assertion Consumer Service (ACS) URL. https://app.teem.com/sso/complete/saml/

13. Enter the Service Provider Entity ID (Audience) field. https://teem.com

rely-13.png

14. Under IdP Signs select Entire SAML response.

rely-14.png

15. Click Download Certificate.

16. Select Show Advanced Configuration.

17. Under Attribute Extension enter the following attributes:

urn:oid:0.9.2342.19200300.100.1.1 set to property mail

urn:oid:0.9.2342.19200300.100.1.3 set to property mail

urn:oid:2.5.4.4 set to property last name, sn

urn:oid:2.5.4.42 set to property first name, givenName

rely-16.png

18. Select Save and Finish.

19. On the My Relying Parties page, select the Edit pulldown and select View or Download IdP Metadata.

20. View the metadata file to find the Cloud IDP URL. Location=https://<company_id>.auth.securid.com/saml-fe/sso. This is the Cloud IDP URL.

21. Navigate to Users > Identity Sources.

Note: Perform the following steps to all Identity Sources used in the policy.

22. Select Edit for the Identity Source used in the Policy.

23. On the User Attributes page, verify that the Synchronize the selected policy attributes with the Cloud Authentication Service is checked.

24. In the Policies column verify that attribute mail, sn, and givenName are checked.

rely-23.png

25. Click Next Step.

26. Click Save and Finish.

27. On the top menu click Publish Changes.

rely-26.png

 

Teem

Follow the steps in this section to configure Teem as a Relying Party SAML SP to RSA Cloud Authentication Service.

Procedure

1. Login into the Teem administration console. https://app.teem.com.

2. Create your Teem SSO sub-domain. Navigate to Manage > Teen Account >Company Details.

3. Scroll down to Teem SSO Sub-Domain and enter a custom subdomain.

RPsp-3.png

4. Navigate to Manage > Apps & Integrations > 3rd Party Apps.

5. Scroll down to User Management. Click ACTIVATE for the SAML app.

RPsp-5.png

6. The configuration page will open.

7. Enter the name for your SAML Provider.

8. Enter the Cloud IDP URL in the Entity Id.

9. Enter the Cloud IDP URL in the Signin Url field.

10. Paste the Cloud certificate in the x509 field. Do not include the ---BEGIN and ---END CERTIFICATE markers.

11. Select Allow Just-In-Time provisioning.

RPsp-12_624x562.png

12. Click Save.

Note: SP initiated login URL is https://<domain>.teem.com/login

 

Configuration is complete.

 

Return to the main page for more certification related information.

 
Labels (1)
Labels:
0 Likes
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎2019-01-22 10:40 AM
Updated by:
Beginner
Contributors

Related Content

Article Dashboard
© 2023 RSA Security LLC or its affiliates. All rights reserved.