Differences
This shows you the differences between two versions of the page.
organisationcloud/saml [2020_01_03 15:32] – Azure SAML added eric | organisationcloud/saml [2020_06_22 18:44] – [SAML 2.0 and the SME Enterprise File Fabric] jim | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== SAML 2.0 and the SME Enterprise File Fabric ====== | ====== SAML 2.0 and the SME Enterprise File Fabric ====== | ||
- | last updated | + | last updated |
The Enterprise File Fabric supports users logging-in via the SAML 2.0 protocol. The SAML 2.0 protocol is increasing in popularity, and there are a number of different flavours and variations provided by different identity providers (IDPs), like Active Directory Federation Services (ADFS) and Google Suite (GSuite). | The Enterprise File Fabric supports users logging-in via the SAML 2.0 protocol. The SAML 2.0 protocol is increasing in popularity, and there are a number of different flavours and variations provided by different identity providers (IDPs), like Active Directory Federation Services (ADFS) and Google Suite (GSuite). | ||
Line 442: | Line 442: | ||
Your Okta setup with the Enterprise File Fabric is now complete. | Your Okta setup with the Enterprise File Fabric is now complete. | ||
+ | |||
+ | ===== Configuring with Duo Access Gateway ===== | ||
+ | |||
+ | __First you will need to setup your Duo Access Gatway__ | ||
+ | As defined here: [[https:// | ||
+ | |||
+ | Service Provider Name: SME File Fabric | ||
+ | |||
+ | Entity ID: your File Fabric URL | ||
+ | |||
+ | Assertion Consumer Service: your file fabric url + /saml.html | ||
+ | |||
+ | {{: | ||
+ | Send Attributes: All | ||
+ | |||
+ | a) Group name fix | ||
+ | There is an issue with the group name (when leveraging AD as the Directory backend). By default the results that come back are the DN and not the friendly name. | ||
+ | |||
+ | When you finish generating the json file you’ll edit to to update the memberof to look like so: | ||
+ | |||
+ | ``` | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | }, | ||
+ | |||
+ | ``` | ||
+ | |||
+ | Apply that json to your DAG. | ||
+ | |||
+ | |||
+ | __Update DAG to return displayName (and other attributes we need)__ | ||
+ | |||
+ | We need to ensure that the display name is returned: | ||
+ | |||
+ | In the DAG under Authentication Source we can add displayName as one of the attributes to return: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | __Gather info from DAG for SME integration__ | ||
+ | |||
+ | Follow the steps as defined here: [[https:// | ||
+ | This will give you URL/ | ||
+ | |||
+ | __Create Auth System in SME__ | ||
+ | |||
+ | We’ll enter this data into the File Fabric. Logged in as the Org Admin, in a package with SAML enabled, go to Organization> | ||
+ | |||
+ | {{: | ||
+ | {{: | ||
+ | |||
+ | This will now allow your users to click the Duo Access Gateway login button the page and login through your DAG into the File Fabric. | ||
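
Review bot: "Send Attributes: All" in the Duo service provider settings releases every attribute from the authentication source to the File Fabric, while the later step only says "displayName (and other attributes we need)" without listing them. Name the attributes the File Fabric actually consumes, such as displayName and the memberof group value, and recommend sending only those, so the page documents a minimal attribute release rather than "All". In the same section, "a) Group name fix" has no following "b)" item, so either drop the letter or make it a heading like the other underlined steps. The Entity ID and Assertion Consumer Service lines write the product URL two ways ("your File Fabric URL" and "your file fabric url + /saml.html"); use one form for both. Typos to fix before merging: "Gatway" in the first underlined heading, "edit to to update" in the group name step, and "login button the page" in the closing sentence.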