![]() Paste the RelayState value into the Relay State field of the Service Provider Configuration and click Save.Īfter several minutes, users will be able to sign in to the OpenVPN Cloud User Portal from the IdP application dashboard. In the Identity Administration portal, perform these steps: įind and click the resulting SAML response/request in the opened SAML extension.Sign in to OpenVPN Cloud as a user by opening Install and open the SAML DevTools extension ( ) using the Chrome web browser. These steps find the RelayState value used during the SAML authentication. Perform these steps if you are using OpenVPN Cloud for IdP-initiated SSO. Select SAML, click Update, then click Confirm.Ĭonfigure OpenVPN Cloud for IdP-initiated SSO (optional) Review the SAML settings and click Finish. In the Advanced Settings section, add the following attributes, then click Next. In the IdP Authentication Endpoint field, enter the value from the Single Sign On URL field in the CyberArk IdP configuration.Ĭopy the XML from the IdP metadata file you downloaded from the CyberArk IdP and paste it into In the IdP X.509 Public Certificate field. Provide an IdP Name for your own reference. Upload this file to the CyberArk SP configuration in Configure Trust settings. Under Authenticate Users Using, select SAML and click View IDP Configuration.Ĭlick Download Service Provider Metadata. Go to Settings > User Authentication and click Edit at the top of the page. Perform these steps in OpenVPN Cloud to configure the OpenVPN Cloud app template for SSO. For example, you might want to verify that you selected the appropriate users, groups, or roles on the Permissions page. Review your settings to confirm your configuration. Do not select this option if you intend to use only SP-initiated SSO.Ĭhange the permissions if you want to add additional control or if you prefer not to automatically deploy the application. Select the permissions you want and click Save.ĭefault permissions automatically deploy the application to the User Portal if the Show in user app list option is selected on the Settings page. The added object appears on the Permissions page with View, Run, and Automatically Deploy permissions selected by default. Select the user(s), group(s), or role(s) that you want to grant permissions to, then click Add. Grant SSO access to OpenVPN Cloud by assigning permissions to users, groups, or roles. Step 4: Configure permissions to grant OpenVPN Cloud users SSO access Map any other attributes that you want to pass in the SAML response, then click Save. Verify the following attributes with the OpenVPN Cloud attribute name in the Attribute name column and the CyberArk attribute in the Attribute value column.Īttributes are case-sensitive. The uploaded metadata is displayed in the XML field. Return to the CyberArk Identity Service Provider Configuration, click Choose File and upload the file here. Sign in to the OpenVPN Cloud application (see Configure OpenVPN Cloud for SAML SSO) and download the metadata file. In the Service Provider Configuration section, select Metadata. In the Identity Provider Configuration section, select Metadata, then click Copy URL and save it. The application opens to the Settings page. On the Add Web App page, click Yes to confirm.Ĭlick Close to exit the Application Catalog. On the Search page, enter the application name in the Search field and click the search button. In the Identity Administration portal, select Apps & Widgets > Web Apps, then click Add Web Apps. This application template supports the following features:īefore you configure OpenVPN Cloud for SSO, make sure you have done the following:Ĭreate an account in the OpenVPN Cloud application with administrator access.Ĭonfigure the OpenVPN Cloud app template in the Identity Administration portal Step 1: Add the OpenVPN Cloud web app template This topic describes how to configure OpenVPN Cloud for Single Sign-On (SSO) in CyberArk Identity using SAML. OpenVPN Cloud SAML Single Sign-On (SSO) integration
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |