TIB 2.0 Administration Functions Overview
|
|
- Chloe Gardner
- 7 years ago
- Views:
Transcription
1 TIB 2.0 Administration Functions Overview
2 Table of Contents 1. INTRODUCTION Purpose/Background Definitions, Acronyms and Abbreviations 4 2. OVERVIEW Overall Process Map 5 3. ADMINISTRATOR FEATURES Organization Invitation and Registration Description Process Map Example Screenshot Organization Management Description Process Map Example Screenshots Community Creation Description Process Map Example Screenshots Identity Provider Registration and Management Description Process Map Example Screenshots Service Provider Registration and Management Description Process Map Example Screenshots Export MetaData Description Example Screenshot Manage Provider Status Description Example Screenshots Manage Certificates Description Example Screenshot Service / Application Registration Description Process Map Example Screenshots 42 Page 2 of 55
3 3.10. Providers Join Community Description Process Map Example Screenshots Application Join Community Description Process Map Example Screenshots Setup Trust Relationship between Providers Description Process Map Example Screenshots 52 Page 3 of 55
4 1. Introduction 1.1. Purpose/Background The purpose of this document is to describe the features of Covisint Trust Identity Broker (TIB) 2.0 Administration processes and functions Definitions, Acronyms and Abbreviations Term Authentication Authenticator Credential Federation Identity Identity Broker (IdB) Identity Management Realm (IdM Realm or Realm) Identity Provider (IdP) Principal Security Assertion Markup Language (SAML) Security Group Service Provider (SP) Role Security Token Service Service Package Definition The process used to verify a principal and bind the principal to their identity. A key that is used to verify a principal in an authentication process. Examples of authenticators include: passwords, two-factor software tokens (i.e. PKI certificates), two-factor hardware tokens (i.e. SecurID), biometrics, etc. A unique identifier (i.e. User ID) and the associated authenticator that is used to bind the principal to their identity in an authentication process. The ability to utilize identities from one security domain within another using a pre-established trust relationship between the participating entities. The IdP is responsible for making an identity assertion and the SP is responsible for providing the appropriate service(s) to the identity s principal. The digital representation of a principal described by its assigned characteristics; which are the credential, the attributes that describe the principal, and the permissions which have been granted to the principal. Provides support for protocol translation allowing an IdP and SP to use different federation protocols. Provides support for attribute mapping allowing an IdP and SP to use different attribute names to reference the same identity information. An IdB receives incoming assertions from IdPs using formats and protocols which are specific to each individual IdP and subsequently translates and routes the assertions for consumption by authorized SPs using the formats and protocols required by each individual SP. An IdM Realm defines the set of all users (and the services that are available to be granted to those users) based on a set of established federation trust relationships with participating IdPs and/or SPs. An entity that is responsible for the creation and management of a principal s identity, the authentication of the principal, and the federation of the principal s identity to an SP or a Federation Broker. An individual or system. An XML-based framework for securely communicating identity information (unique identifier, attributes, and permissions) between security domains through a federation. Defines the specific set of users that are managed by an administrator(s) as well as their available services. Security Group administrative relationships are defined by Security Group hierarchies. An entity that consumes an inbound federation from an IdP or a Federation Broker for the purpose of providing a service(s) to the identity s principal. Defines a business function that a permission or group of permissions can be assigned to. When a role is granted to a principal it gives the principal all the associated permissions. A generic term that may be applied to describe a Kerberos ticket, session cookie, assertion, etc. An application or site. A service is typically represented as a URL. A grouping of one or more services that must be requested and granted as a group. Service packages also contain additional information about the services (i.e. User must accept Terms & Conditions to gain access). Service packages, not services, are Page 4 of 55
5 Term SSO Definition requested and granted. Single Sign-On. A principal is able to do a single initial authentication within a local security domain making the principal s identity information available (via a security token) to the local security domain. And through federation, the principle s identity information can also be made available to any other federated security domains. 2. Overview TIB 2.0 Administration Functions are used to manage the cryptographic trust relationships with Covisint required to support identity federations. They allow IdPs and SPs to be invited and register with the Covisint TIB service, define the federation protocol that will be used by the Provider, and establish the specific assertion attribute map that will be utilized during a federation. They also provide features for certificate management between the Provider and the TIB required to maintain the trust relationship Overall Process Map Org A Registered in TIB and the Registrant accepted the Security Admin Role, who could Invite other Admins to Join the Org TIB Admin Creates a Community owned by an Org TIB Admin or Community Admin Send Org Registration Invitations Org B Registered in TIB and the Registrant accepted the Security Admin Role, who could Invite other Admins to Join the Org Provider Admin Creates a SP Application Configuration Admin Creates Application (SP) Provider Admin Requests (Provider and Application) to Join Community Org C Registered in TIB and the Registrant accepted the Security Admin Role, who could Invite other Admins to Join the Org Provider Admin Creates an IdP (IdP) Provider Admin Requests to Join Community Community Admin Approves Requests of Join Community (IdP) Provider Admin Requests Trust Relationship (with SP) (SP) Provider Admin Approves Request of Trust Relationship (from IdP) (SP) Provider Admin Requests Trust Relationship (with IdP) (IdP) Provider Admin Approves Request of Trust Relationship (from SP) Ready for Federation of IdP User to SP Application Figure 1 Overall Process Map of Setting up Trust Relationship Between SP and IdP Figure 1 shows the overall process flow of setting up trust relationship between SP and IdP. At high level, the process includes following key steps: Registration of Organizations with Covisint TIB (invited and approved by TIB Administrator or Community Administrator) o Organization that will be community owner o Organization that will own IdP(s) o Organization that will own SP(s) and application(s) Creation of Community Creation and Configuration of Providers Page 5 of 55
6 o Identity Provider o Service Provider Creation of Application(s) under SP Providers Request to Join Community (i.e. Request to Register with Community) Community Administrator Approves Provider's Request SP Provider Requests to Register the Application with Community Community Administrator Approves the Request of Application Registration SP and IdP in the same community setup Trust Relationship through Request and Approval Process. Note: One Organization can own Community, SP, and IdP at the same time. To make it easier to be illustrated, this document assumes that the Community, SP, and IdP are owned by different Organizations. 3. Administrator Features 3.1. Organization Invitation and Registration Description Communities and Providers are owned by Organizations in TIB. In order to create Communities and Providers, Organization must be registered in TIB first. The Organization registration process starts with TIB Administrator (Covisint Support team) or Community Administrator (Community Owner) sending out invitation from TIB. The registrant receives the invitation through , follows the url in the to the TIB registration web site. The registrant creates organization and user (the registrant) profile and submit the registration request. The request will be routed to TIB Administrator who will approve or reject the request. After the request is approved, the new organization will be created in TIB. In addition, the user account of the registrant will be created. By default, the registrant will be the first Security Administrator of the Organization, who can invite additional Admin users to the Organization, grant or revoke Administrator roles to or from Admin users in the same organization. Page 6 of 55
7 Process Map Figure 2 Organization Invitation and Registration Example Screenshot Figure 3 Select Invite Organization to Community from the Communities menu Page 7 of 55
8 Figure 4 Invite a new organization by entering their address. A personalized invitation or message can be created at this time. Figure 5 An will be sent to the recipient, and the Community dashboard will display Page 8 of 55
9 Figure 6 Invitee receives the above message, and clicks on the hyperlink Figure 7 Invitee is asked to accept administrative role for their organization Page 9 of 55
10 Figure 8 Invitee enrolls their organization. Provider access options can be completed at this time, including the upload of Terms & Conditions Figure 9 Invitee registers their personal information Page 10 of 55
11 Figure 10 Invitee registers for TIB credentials Figure 11 Invitee must accept the Covisint TIB Terms & Conditions Page 11 of 55
12 Figure 12 Invitee must specify why they are requesting access to the community Figure 13 Request is put into queue for administrative approval Page 12 of 55
13 Figure 14 TIB Admin reviews pending Organization request and approve or reject a request by clicking the link Organization Management Description A Security Administrator of an Organization can edit the profile and setting of the organization, manage the profile and role grant of admin users in the organization, invite new admin users to join the organization, and approve / reject admin user registration request. Page 13 of 55
14 Process Map Figure 15 Security Administrator Manages the Organization Page 14 of 55
15 Example Screenshots Figure 16 Security Admin edits Organization settings Figure 17 Security Admin invites others to join the organization Page 15 of 55
16 Figure 18 Invitee receives the invitation , clicks the url link to start the registration Figure 19 Invitee types in invite ID and Pin. Then finishes the registration process Page 16 of 55
17 Figure 20 Security Admin approves / rejects admin registration request Figure 21 Security Admin search for admin user, clicks on a user ID to manage the account Page 17 of 55
18 Figure 22 Security Admin update the admin user's account Figure 23 Security Admin search for admin user, clicks on a user ID to manage the roles Page 18 of 55
19 Figure 24 Security Admin update the admin user's role grants 3.3. Community Creation Description A TIB Administrator from Covisint will create Community in TIB. The TIB Administrator needs to pick an Organization as the owner of the Community while creating the Community. After the Community is created, a Security Administrator from the owning Organization needs to assign the Community Administrator Role to one or more admin user(s) in the Organization, who will act as the owner of the Community to manage the Community, invite Providers into the Community, approve registration request from Providers. There are two access options for a Community: a) One request from an Organization covers all the providers and applications owned by the Organization; b) Individual request is needed for each provider and application owned by an Organization. Page 19 of 55
20 Process Map Figure 25 Select Manage Identity Providers from the Providers menu Example Screenshots Figure 26 TIB Administrator creates new Community 3.4. Identity Provider Registration and Management Description In order to create a new Identity Provider (IdP), a Security Administrator from the owning Organization needs to assign the Provider Administrator and Community Administrator Role to one or more admin user(s) in the Organization, who will create, manage the IdP and approve registration request from other Providers in the same Community. The registration process is used to submit all the information required to identify and integrate the IdP with Covisint s TIB service. Page 20 of 55
21 Process Map Figure 27 Provider Administrator creates new IdP Example Screenshots Figure 28 Under Identity Provider tab in the Manager Provider page, click on Create New IDP Configuration Page 21 of 55
22 Figure 29 Add Identity Provider, Step 1 Figure 30 Adding an Identity Provider using an existing meta data file Page 22 of 55
23 Figure 31 Adding Identity Provider, Step 2, after importing configuration from meta data file Figure 32 Adding an Identity Provider, Step 3, configuring TIB-to-IDP attribute mappings Page 23 of 55
24 Figure 33 Adding an Identity Provider, manual configuration The following figures show examples of the screenshots that will be displayed while managing an existing Identity Providers. Page 24 of 55
25 Figure 34 Select an IdP by clicking its hyperlink in the list of available IdPs Figure 35 Viewing the configuration of an existing IdP Page 25 of 55
26 Figure 36 Uploading or pasting in a new certificate for the IdP Figure 37 Viewing the attribute mappings for an existing IdP Page 26 of 55
27 Figure 38 Adding a new attribute map for an existing IdP Figure 39 Save changes Page 27 of 55
28 3.5. Service Provider Registration and Management Description In order to create a new Service Provider (SP), a Security Administrator from the owning Organization needs to assign the Provider Administrator and Community Administrator Role to one or more admin user(s) in the Organization, who will create, manage the SP and approve trust relationship request from other Providers in the same Community. The registration process is used to submit all the information required to identify and integrate the SP with Covisint s TIB service Process Map Provider Administrator Create Service Provider (SP) Logins into TIB, Clicks on Manage Provider -> Service Provider tab -> Create new SP Configuration Shows the Form of Selecting Federation Protocol Shows the Option of Uploading the Metadata File Shows the Form of SP Configuration Detail Picks the Protocol Optionally Uploads the Metadata File Clicks Next Updates the Configuration Detail Clicks Next Shows the Form of Mapping Attributes Between TIB and the SP Creates the Service Provider Displays Confirmation Message, and the List of Existing SP Adds Attribute Mappings Clicks Save Figure 40 Provider Administrator creates new SP Example Screenshots The following figures show examples of the screenshots that will be displayed while registering a new Service Provider. Page 28 of 55
29 Figure 41 Under Service Provider tab in the Manager Provider page, click on Create New SP Configuration Figure 42 Add Service Provider, Step 1 Page 29 of 55
30 Figure 43 Adding an Service Provider using an existing meta data file Figure 44 Adding Service Provider, Step 2, after importing configuration from meta data file Page 30 of 55
31 Figure 45 Adding Service Provider, Step 3, configuring SP-to-TIB attribute mappings Figure 46 Save Changes 3.6. Export MetaData Description Provider metadata can be exported into.xml files in order to upload into remote end points that need to connect to the ID-Broker service Example Screenshot Page 31 of 55
32 Figure 47 Click on the Export Metadata icon of a Provider from the Manage Provider screen Figure 48 Click the Open with radio button to view the metadata in an XML editor Page 32 of 55
33 Figure 49 Viewing the metadata Figure 50 Click the Save File radio button to save the metadata as an XML file Page 33 of 55
34 3.7. Manage Provider Status Description Example Screenshots The following figures show examples of the screenshots that will be displayed while suspending an existing Provider. Figure 51 Providers can be suspended by clicking the Suspend button Page 34 of 55
35 Figure 52 Providers can be reactivated or removed once suspended 3.8. Manage Certificates Description This feature gives TIB Administrators the ability to install new or updated certificates and remove expired certificates for the Providers over which they have administrative control. The interface allows certificates to be imported from standard X.509.crt files, or pasted into a textarea box. Also, certificate validation files can be exported from this interface Example Screenshot The following figures show examples of the screenshots that will be displayed while creating new certificates. Page 35 of 55
36 Figure 53 Click on the Add Certificate button in the Encryption section of a SP, or Page 36 of 55
37 Figure 54 Click on the Add Certificate button in the Digital Signature section of an IdP Figure 55 Paste the certificate text into the text box, or import from a file Page 37 of 55
38 Figure 56 Importing a certificate from a file Page 38 of 55
39 Figure 57 or paste the certificate into the text box The following figures show examples of the screenshots that will be displayed while managing existing certificates. Figure 58 From the Manage Provider page, click on the Certificate tab Page 39 of 55
40 Figure 59 Remove an existing certificate by clicking the trash can icon in front of it, or Figure 60 Clicks on the hyperlink of the certificate to view the detail of the certificate Page 40 of 55
41 Figure 61 Click the Download button to save the certificate into a file Figure 62 Saving a certificate as a file Page 41 of 55
42 3.9. Service / Application Registration Description A Service Registration is used to register a Service (Application) with TIB. The registration process is used to associate the service with an Organization, identify the Service Administrator, identify the SP that will be used to support the service, and to submit the information required to identify service Process Map Figure 63 Create new Application Example Screenshots Figure 64 Application Administrator clicks on Add New Application Page 42 of 55
43 Figure 65 Fills out the form of creating new application and clicks Save Figure 66 New application has been created Providers Join Community Description In order to setup trust relationship between SPs and IdPs, the Providers have to join the same Community. There are two ways for a Provider to join a Community - through request and approval, or invite and registration. Page 43 of 55
44 A Provider (IdP or SP) Administrator can send request to join a Community. The Community Admin review and approve / reject the request. Upon the approval of the request, the Provider will became a member of the Community. A Community Administrator can send out invitation to the Organization that owns Providers. The invitation is sent out through . There is a url, a invitation key, and a pin in the . A Provider Administrator from the Organization that receives the invitation follows the url, use the invitation key and pin to register the Provider(s) that the Organization owns with the Community. With valid invitation key and pin, the Provider(s) that the Providers Administrator picks will be automatically added to the Community after the registration is successfully submitted Process Map Figure 67 Provider join community through request and approval process Figure 68 Provider join community through invite and registration process Page 44 of 55
45 Example Screenshots Request and approval process: Figure 69 Provider Admin clicks on Join Community and see the communities can join Figure 70 Provider Admin reviews the community information, clicks Register link Page 45 of 55
46 Figure 71 Provider Admin reviews the summary of the request, clicks Submit Figure 72 Request is submitted, pending for approval Page 46 of 55
47 Figure 73 Requests shows up in Community Admin's pending request list Figure 74 The Provider's status in the Community is Active after the request is approved Page 47 of 55
48 Invite and registration process: Figure 75 Community Admin picks the organization to invite and clicks Send Invitation Figure 76 Organization Admin receives the invitation , logs into TIB to register with the community Application Join Community Description An Application in the SP needs to join the Community in order to make it accessible to the users from trusted IdP. The pre-condition is that the SP that owns the Application is already in the Page 48 of 55
49 Community. An Application Administrator can send request to join a Community. If the Community is configured to require approval for each Application, the request will be routed to the Community Admin's queue for approval. Otherwise, the request will be automatically approved. Upon the approval of the request, the Application will became available to the trusted IdPs in the same Community Process Map Figure 77 Application join community Example Screenshots Page 49 of 55
50 Figure 78 Application join a Community Figure 79 Pick a Community, then click Application tab. Click Register link Page 50 of 55
51 Figure 80 Pick a Community, then click Application tab. Click Register link Figure 81 Request is approved, the Application's Status in Community is Active Page 51 of 55
52 3.12. Setup Trust Relationship between Providers Description After the IdP and SP have joined the same Community, trust relationship can be setup between them. Providers need to send request for relationship to each other. After both sides approve the request, the trust relationship between the two Organizations will be setup Process Map (SP) Provider Administrator Request for Provider Trust Relationship Logins into TIB, Clicks on Communities -> Manage Community, Picks the Community from the Dropdown, Clicks Identity Provider tab Shows the List of IdP available for Requesting Trust Relationship Clicks on Request Relationship link of one IdP Shows the Summary of the Request Reviews and Submits the Request Persists the Request Shows the Confirmation Message (IdP) Provider Administrator Approve Provider Trust Relationship Request Logins into TIB, Clicks on Communities -> Pending Community Requests Shows the List Request Under the Provider Trust Relationship tab Reviews the Detail of a Request, Clicks Approve Sets the Trust Relationship Between the Providers in Pending state Displays Confirmation Message (IdP) Provider Administrator Request for Provider Trust Relationship Logins into TIB, Clicks on Communities -> Manage Community, Picks the Community from the Dropdown, Clicks Service Provider tab Shows the List of SP available for Requesting Trust Relationship Clicks on Request Relationship link of one SP Shows the Summary of the Request Reviews and Submits the Request Persists the Request Shows the Confirmation Message (SP) Provider Administrator Approve Provider Trust Relationship Request Logins into TIB, Clicks on Communities -> Pending Community Requests Shows the List Request Under the Provider Trust Relationship tab Reviews the Detail of a Request, Clicks Approve Sets up the Trust Relationship Between the Providers (if the request from SP to IdP has been approved already) Displays Confirmation Message Figure 82 Setup trust relationship between Providers Example Screenshots Page 52 of 55
53 Figure 83 SP request trust relationship with an IdP Figure 84 Review request summary and submit Page 53 of 55
54 Figure 85 Confirmation message. The request is Pending for Approval Figure 86 IdP Admin review the pending request and Approve it Page 54 of 55
55 Figure 87 IdP request trust relationship with an SP Figure 88 SP Admin review the pending request and Approve it Page 55 of 55
T his feature is add-on service available to Enterprise accounts.
SAML Single Sign-On T his feature is add-on service available to Enterprise accounts. Are you already using an Identity Provider (IdP) to manage logins and access to the various systems your users need
More informationSAM Context-Based Authentication Using Juniper SA Integration Guide
SAM Context-Based Authentication Using Juniper SA Integration Guide Revision A Copyright 2012 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to WebEx
Configuring Single Sign-on from the VMware Identity Manager Service to WebEx VMware Identity Manager SEPTEMBER 2015 V 2 Configuring Single Sign-On from VMware Identity Manager to WebEx Table of Contents
More informationStep-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x
Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x Sverview Trust between SharePoint 2010 and ADFS 2.0 Use article Federated Collaboration with Shibboleth 2.0 and SharePoint 2010 Technologies
More informationSingle Sign On (SSO) Implementation Manual. For Connect 5 & MyConnect Sites
Single Sign On (SSO) Implementation Manual For Connect 5 & MyConnect Sites Version 6 Release 5.7 September 2013 1 What is Blackboard Connect Single Sign On?... 3 How it Works... 3 Drawbacks to Using Single
More informationAgenda. How to configure
dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services
More informationCA Nimsoft Service Desk
CA Nimsoft Service Desk Single Sign-On Configuration Guide 6.2.6 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationConfiguring EPM System 11.1.2.1 for SAML2-based Federation Services SSO
Configuring EPM System 11.1.2.1 for SAML2-based Federation Services SSO Scope... 2 Prerequisites Tasks... 2 Procedure... 2 Step 1: Configure EPM s WebLogic domain for SP Federation Services... 2 Step 2:
More informationEgnyte Single Sign-On (SSO) Installation for OneLogin
Egnyte Single Sign-On (SSO) Installation for OneLogin To set up Egnyte so employees can log in using SSO, follow the steps below to configure OneLogin and Egnyte to work with each other. 1. Set up OneLogin
More informationCopyright Pivotal Software Inc, 2013-2015 1 of 10
Table of Contents Table of Contents Getting Started with Pivotal Single Sign-On Adding Users to a Single Sign-On Service Plan Administering Pivotal Single Sign-On Choosing an Application Type 1 2 5 7 10
More informationOnly LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.
This chapter provides information about the Security Assertion Markup Language (SAML) Single Sign-On feature, which allows administrative users to access certain Cisco Unified Communications Manager and
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to AirWatch Applications
Configuring Single Sign-on from the VMware Identity Manager Service to AirWatch Applications VMware Identity Manager AUGUST 2015 V1 Configuring Single Sign-On from VMware Identity Manager to AirWatch Applications
More informationADFS Integration Guidelines
ADFS Integration Guidelines Version 1.6 updated March 13 th 2014 Table of contents About This Guide 3 Requirements 3 Part 1 Configure Marcombox in the ADFS Environment 4 Part 2 Add Relying Party in ADFS
More informationSecurity Assertion Markup Language (SAML) Site Manager Setup
Security Assertion Markup Language (SAML) Site Manager Setup Trademark Notice Blackboard, the Blackboard logos, and the unique trade dress of Blackboard are the trademarks, service marks, trade dress and
More informationThis chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections:
CHAPTER 1 SAML Single Sign-On This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections: Junos Pulse Secure Access
More informationSP-initiated SSO for Smartsheet is automatically enabled when the SAML feature is activated.
Chapter 87 Configuring Smartsheet The following is an overview of the steps required to configure the Smartsheet Web application for single sign-on (SSO) via SAML. Smartsheet offers both IdP-initiated
More informationACTIVID APPLIANCE AND MICROSOFT AD FS
ACTIVID APPLIANCE AND MICROSOFT AD FS SAML 2.0 Channel Integration Handbook ActivID Appliance 7.2 July 2013 Released Document Version 1.0 hidglobal.com Table of Contents 1.0 Introduction...3 1.1 Scope
More informationDefender 5.7 - Token Deployment System Quick Start Guide
Defender 5.7 - Token Deployment System Quick Start Guide This guide describes how to install, configure and use the Defender Token Deployment System, based on default settings and how to self register
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationAn overview of configuring WebEx for single sign-on. To configure the WebEx application for single-sign on from the cloud service (an overview)
Chapter 190 WebEx This chapter includes the following sections: "An overview of configuring WebEx for single sign-on" on page 190-1600 "Configuring WebEx for SSO" on page 190-1601 "Configuring WebEx in
More informationSAML Single-Sign-On (SSO)
C O L A B O R A T I V E I N N O V A T I O N M A N A G E M E N T Complete Feature Guide SAML Single-Sign-On (SSO) 1. Features This feature allows administrators to setup Single Sign-on (SSO) integration
More informationTo set up Egnyte so employees can log in using SSO, follow the steps below to configure VMware Horizon and Egnyte to work with each other.
w w w. e g n y t e. c o m Egnyte Single Sign-On (SSO) Installation for VMware Horizon To set up Egnyte so employees can log in using SSO, follow the steps below to configure VMware Horizon and Egnyte to
More informationTenrox. Single Sign-On (SSO) Setup Guide. January, 2012. 2012 Tenrox. All rights reserved.
Tenrox Single Sign-On (SSO) Setup Guide January, 2012 2012 Tenrox. All rights reserved. About this Guide This guide provides a high-level technical overview of the Tenrox Single Sign-On (SSO) architecture,
More informationConfiguring ADFS 3.0 to Communicate with WhosOnLocation SAML
Configuring ADFS 3.0 to Communicate with WhosOnLocation SAML --------------------------------------------------------------------------------------------------------------------------- Contents Overview...
More informationProtecting Juniper SA using Certificate-Based Authentication. Quick Start Guide
Protecting Juniper SA using Certificate-Based Authentication Copyright 2013 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete and accurate.
More informationEgnyte Single Sign-On (SSO) Installation for Okta
w w w. e g n y t e. c o m Egnyte Single Sign-On (SSO) Installation for Okta To set up Egnyte so employees can log in using SSO, follow the steps below to configure Okta and Egnyte to work with each other.
More informationSalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy
SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 Merlin House
More informationZendesk SSO with Cloud Secure using MobileIron MDM Server and Okta
Zendesk SSO with Cloud Secure using MobileIron MDM Server and Okta Configuration Guide Product Release Document Revisions Published Date 1.0 1.0 May 2016 Pulse Secure, LLC 2700 Zanker Road, Suite 200 San
More informationSmart Card Authentication. Administrator's Guide
Smart Card Authentication Administrator's Guide October 2012 www.lexmark.com Contents 2 Contents Overview...4 Configuring the applications...5 Configuring printer settings for use with the applications...5
More informationSAML Authentication Quick Start Guide
SAML Authentication Quick Start Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2013 SafeNet, Inc. All rights reserved.
More informationPaymentNet Federal Card Solutions Cardholder FAQs
PaymentNet Federal Card Solutions It s easy to find the answers to your questions about PaymentNet! June 2014 Frequently Asked Questions First Time Login How do I obtain my login information?... 2 How
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationEgnyte App for Android Quick Start Guide
Egnyte App for Android Quick Start Guide Introduction Welcome to the Quick Start Guide for the Egnyte App for Android. This guide will explain how to: Access files. Download content for offline access.
More informationINTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN
INTEGRATION GUIDE IDENTIKEY Federation Server for Juniper SSL-VPN Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO
More informationIntroduction to Directory Services
Introduction to Directory Services Overview This document explains how AirWatch integrates with your organization's existing directory service such as Active Directory, Lotus Domino and Novell e-directory
More informationAdvanced Configuration Administration Guide
Advanced Configuration Administration Guide Active Learning Platform October 2015 Table of Contents Configuring Authentication... 1 PingOne... 1 LMS... 2 Configuring PingOne Authentication... 3 Before
More informationAuthentication Methods
Authentication Methods Overview In addition to the OU Campus-managed authentication system, OU Campus supports LDAP, CAS, and Shibboleth authentication methods. LDAP users can be configured through the
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to ServiceNow
Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow VMware Identity Manager AUGUST 2015 V1 Configuring Single Sign-On from VMware Identity Manager to ServiceNow Table of Contents
More informationIdentity Implementation Guide
Identity Implementation Guide Version 37.0, Summer 16 @salesforcedocs Last updated: May 26, 2016 Copyright 2000 2016 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,
More informationIntegrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER
Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER Table of Contents Introduction.... 3 Requirements.... 3 Horizon Workspace Components.... 3 SAML 2.0 Standard.... 3 Authentication
More informationCreate wires using a variety of templates that simplify the data entry process.
Wire Transfers The Wire Transfer service provides secure wire transfer capabilities with a streamlined, easy-to-use web browser interface. Depending on your configuration, wire transfer features allow
More informationDell One Identity Cloud Access Manager 8.0.1 - How to Configure for SSO to SAP NetWeaver using SAML 2.0
Dell One Identity Cloud Access Manager 8.0.1 - How to Configure for SSO to SAP NetWeaver using SAML 2.0 May 2015 About this guide Prerequisites and requirements NetWeaver configuration Legal notices About
More informationMicrosoft Office 365 Using SAML Integration Guide
Microsoft Office 365 Using SAML Integration Guide Revision A Copyright 2013 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete and accurate.
More informationCash Management 5.0 User Guide
Cash Management 5.0 User Guide Accessing Cash Management Online Banking Access Cash Management using www.busey.com as you always have. 1. Enter your company ID as assigned by your financial institution
More informationUsing SAML for Single Sign-On in the SOA Software Platform
Using SAML for Single Sign-On in the SOA Software Platform SOA Software Community Manager: Using SAML on the Platform 1 Policy Manager / Community Manager Using SAML for Single Sign-On in the SOA Software
More informationDualShield SAML & SSO. Integration Guide. Copyright 2011 Deepnet Security Limited. Copyright 2011, Deepnet Security. All Rights Reserved.
DualShield Integration Guide Copyright 2011 Deepnet Security Limited Copyright 2011, Deepnet Security. All Rights Reserved. Page 1 Trademarks Deepnet Unified Authentication, MobileID, QuickID, PocketID,
More informationHOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services
1 HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided
More informationOneLogin Integration User Guide
OneLogin Integration User Guide Table of Contents OneLogin Account Setup... 2 Create Account with OneLogin... 2 Setup Application with OneLogin... 2 Setup Required in OneLogin: SSO and AD Connector...
More informationCox Managed CPE Services. RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft]
Cox Managed CPE Services RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft] September, 2015 2015 by Cox Communications. All rights reserved. No part of this document may be reproduced or transmitted
More informationFlexible Identity Federation
Flexible Identity Federation Administration guide version 1.0.1 Publication history Date Description Revision 2015.09.24 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationBusiness Banking Customer Login Experience for Enhanced Login Security
Business Banking Customer Login Experience for Enhanced Login Security User credentials uniquely identify each person who uses the banking platform. The intent of authentication is unequivocal verification
More informationHP Software as a Service. Federated SSO Guide
HP Software as a Service Federated SSO Guide Document Release Date: July 2014 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty statements accompanying
More informationSHIPSTATION / MIVA MERCHANT SETUP GUIDE
SHIPSTATION / MIVA MERCHANT SETUP GUIDE 9/20/2013 Miva Merchant Setup Guide ShipStation has created a Miva Merchant module to allow for a more streamlined order fulfillment process. This guide provides
More informationAdmin Guide Hosting Control Panel Active Directory (AD) Synchronization
Admin Guide Hosting Control Panel Active Directory (AD) Synchronization DOCUMENT REVISION DATE: February, 2010 Active Directory (AD) Sync Hosting CP / Table of Contents Page 2 of 16 Table of Contents QUICK
More informationPingFederate. Salesforce Connector. Quick Connection Guide. Version 4.1
PingFederate Salesforce Connector Version 4.1 Quick Connection Guide 2011 Ping Identity Corporation. All rights reserved. PingFederate Salesforce Quick Connection Guide Version 4.1 June, 2011 Ping Identity
More informationQuicken for Windows Conversion Instructions [Quicken for Windows 2010-2012 WC to WC]
Quicken for Windows Conversion Instructions [Quicken for Windows 2010-2012 WC to WC] As Milford Federal Savings & Loan Association completes its system conversion, you will need to modify your Quicken
More informationSingle Sign-On Implementation Guide
Single Sign-On Implementation Guide Salesforce, Winter 16 @salesforcedocs Last updated: November 4, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark
More informationDocuSign Connect for Salesforce Guide
Information Guide 1 DocuSign Connect for Salesforce Guide 1 Copyright 2003-2013 DocuSign, Inc. All rights reserved. For information about DocuSign trademarks, copyrights and patents refer to the DocuSign
More informationLINK System Security EDI. On Line Trading Partner Agreement Execution
LINK System Security EDI On Line Trading Partner Agreement Execution 1 Trading Partner Agreement (TPA) Execution Directory Trading Partner Agreement and Exhibit A - Execution TPA Worksheet Enter Required
More informationAdding Single Sign-On to CloudPassage Halo
Adding Single Sign-On to CloudPassage Halo For Halo Site Administrators Contents: About SAML-Based Single Sign-On Integrating Halo With a Single Sign-On Provider 1. Enable and Configure SSO 2. Configure
More informationBig Lots Vendor Compliance Web Portal User Guide - Vendor
Big Lots Vendor Compliance Web Portal User Guide - Vendor https://visibility.inovis.com/dataquality/xclient/biglots 1. To login to the system for the first time: Open the New User Notification Invite e-mail
More informationSingle Sign-On Implementation Guide
Single Sign-On Implementation Guide Salesforce, Summer 15 @salesforcedocs Last updated: July 1, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of
More informationUser Guide. Version R91. English
AuthAnvil User Guide Version R91 English August 25, 2015 Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept EULATOS as updated from
More informationSmart Card Authentication Client. Administrator's Guide
Smart Card Authentication Client Administrator's Guide April 2013 www.lexmark.com Contents 2 Contents Overview...3 Configuring Smart Card Authentication Client...4 Configuring printer settings for use
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to Dropbox
Configuring Single Sign-on from the VMware Identity Manager Service to Dropbox VMware Identity Manager SEPTEMBER 2015 V1 Configuring Single Sign-On from VMware Identity Manager to Dropbox Table of Contents
More informationCreating and Issuing the Workstation Authentication Certificate Template on the Certification Authority
In this post we will see the steps for deploying the client certificate for windows computers. This post is a part of Deploy PKI Certificates for SCCM 2012 R2 Step by Step Guide. In the previous post we
More informationAuthentication in XenMobile 8.6 with a Focus on Client Certificate Authentication
Authentication in XenMobile 8.6 with a Focus on Client Certificate Authentication Authentication is about security and user experience and balancing the two goals. This document describes the authentication
More informationDocuSign Single Sign On Implementation Guide Published: March 17, 2016
DocuSign Single Sign On Implementation Guide Published: March 17, 2016 Copyright Copyright 2003-2016 DocuSign, Inc. All rights reserved. For information about DocuSign trademarks, copyrights and patents
More informationMANUFACTURER RamSoft Incorporated 243 College St, Suite 100 Toronto, ON M5T 1R5 CANADA
All Information provided in this document and in the accompanying software is subject to change without notice and does not represent a commitment on the part of RamSoft. RamSoft assumes no responsibility
More informationAn overview of configuring WebEx for single sign-on. To configure the WebEx application for single-sign on from the cloud service (an overview)
Chapter 83 WebEx This chapter includes the following sections: An overview of configuring WebEx for single sign-on Configuring WebEx for SSO Configuring WebEx in Cloud Manager For more information about
More informationInstallation and Configuration Guide
Entrust Managed Services PKI Auto-enrollment Server 7.0 Installation and Configuration Guide Document issue: 1.0 Date of Issue: July 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark
More informationSOLGARI CLOUD BUSINESS COMMUNICATION SERVICES CLOUD CONTACT CENTRE MICROSOFT DYNAMICS INTEGRATION
SOLGARI CLOUD BUSINESS COMMUNICATION SERVICES CLOUD CONTACT CENTRE MICROSOFT DYNAMICS INTEGRATION APRIL 2015 Microsoft Dynamics CRM Integration The Solgari CRM Integration module provides out of the box
More informationEntrust Managed Services PKI. Getting an end-user Entrust certificate using Entrust Authority Administration Services. Document issue: 2.
Entrust Managed Services PKI Getting an end-user Entrust certificate using Entrust Authority Administration Services Document issue: 2.0 Date of issue: June 2009 Revision information Table 1: Revisions
More informationHow To Use Salesforce Identity Features
Identity Implementation Guide Version 35.0, Winter 16 @salesforcedocs Last updated: October 27, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of
More informationGetting Started with AD/LDAP SSO
Getting Started with AD/LDAP SSO Active Directory and LDAP single sign- on (SSO) with Syncplicity Business Edition accounts allows companies of any size to leverage their existing corporate directories
More informationIntegrating Autotask Service Desk Ticketing with the Cisco OnPlus Portal
Integrating Autotask Service Desk Ticketing with the Cisco OnPlus Portal This Application Note provides instructions for configuring Apps settings on the Cisco OnPlus Portal and Autotask application settings
More informationConfiguring SAML2 for Single Sign On to Smartsheet (Enterprise Only)
Configuring SAML2 for Single Sign On to Smartsheet (Enterprise Only) This document is intended for technical professionals who are familiar with SAML and have access to the Identity Provider that will
More informationCloud Services ADM. Agent Deployment Guide
Cloud Services ADM Agent Deployment Guide 10/15/2014 CONTENTS System Requirements... 1 Hardware Requirements... 1 Installation... 2 SQL Connection... 4 AD Mgmt Agent... 5 MMC... 7 Service... 8 License
More informationHubcase for Salesforce Installation and Configuration Guide
Hubcase for Salesforce Installation and Configuration Guide Note: This document is intended for system administrator, and not for end users. Installation and configuration require understanding of both
More informationQAS Small Business for Salesforce CRM
INTRODUCTION This document provides an overview of integrating and configuring QAS for Salesforce CRM. It will take you through the standard integration and configuration process and also provides an appendix
More informationEnabling Single Sign- On for Common Identity using F5
Enabling Single Sign- On for Common Identity using F5 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS
More informationEgnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS)
w w w. e g n y t e. c o m Egnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS) To set up ADFS so that your employees can access Egnyte using their ADFS credentials,
More informationSAP NetWeaver AS Java
Chapter 75 Configuring SAP NetWeaver AS Java SAP NetWeaver Application Server ("AS") Java (Stack) is one of the two installation options of SAP NetWeaver AS. The other option is the ABAP Stack, which is
More informationConfiguring Parature Self-Service Portal
Configuring Parature Self-Service Portal Chapter 2 The following is an overview of the steps required to configure the Parature Self-Service Portal application for single sign-on (SSO) via SAML. Parature
More informationHow Students Log Into IBTP Testing
How Students Log Into IBTP Testing When IBTP tests are scheduled, they may be designated as being administered via a standard browser or the secure tester. The Administer this test with Online Test Option
More informationPassKey Manager. Schoolwires Centricity
Schoolwires Centricity Table of Contents Introduction... 1 What Provides... 1 What Does Not Provide... 1 Definitions for... 1 Manage PassKeys in Site Manager... 2 Access... 2 Create PassKeys... 2 Create
More informationJPMorgan Chase Treasury Workstation. Certification Setup Guide Version 2.0
EMENTS JPMorgan Chase Treasury Workstation Certification Setup Guide Version 2.0 December 2010 TABLE OF CONTENTS Introduction... 1 About this Guide... 1 When to Create the Certificates... 2 Getting Help...
More informationIntegrating ConnectWise Service Desk Ticketing with the Cisco OnPlus Portal
Integrating ConnectWise Service Desk Ticketing with the Cisco OnPlus Portal This Application Note explains how to configure ConnectWise PSA (Professional Service Automation) application settings and Cisco
More informationOkta/Dropbox Active Directory Integration Guide
Okta/Dropbox Active Directory Integration Guide Okta Inc. 301 Brannan Street, 3rd Floor San Francisco CA, 94107 info@okta.com 1-888- 722-7871 1 Table of Contents 1 Okta Directory Integration Edition for
More informationIMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS
APPLICATION NOTE IMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS SAML 2.0 combines encryption and digital signature verification across resources for a more
More informationOnline Statements. About this guide. Important information
Online Statements About this guide This guide shows you how to: View online statements, including CommBiz Activity Statements (Billing summaries) and online statements for Transaction Accounts, Credit
More informationINTEGRATION GUIDE. DIGIPASS Authentication for VMware Horizon Workspace
INTEGRATION GUIDE DIGIPASS Authentication for VMware Horizon Workspace Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is';
More informationE-Commerce Manual. A brief overview of your website s E-commerce system with screenshots. E-commerce Manual
E-Commerce A brief overview of your website s system with screenshots. 1 Contents Categories:...3 Products:...4 Adding a New Product:...5 Adding an Image to a Product:...7 Creating a New Attribute:...8
More informationIMPORTANT: You must complete this step before you can install and activate SafeSend.
Initial Setup Guide Welcome to SafeSend! This guide has been created to assist with your initial setup. Please follow the below steps to get started. If you are a Firm Administrator and are setting your
More informationUsing Entrust certificates with Microsoft Office and Windows
Entrust Managed Services PKI Using Entrust certificates with Microsoft Office and Windows Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark
More informationCA CloudMinder. Getting Started with SSO 1.5
CA CloudMinder Getting Started with SSO 1.5 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is for your
More informationSingle Sign-On Implementation Guide
Version 27.0: Spring 13 Single Sign-On Implementation Guide Last updated: February 1, 2013 Copyright 2000 2013 salesforce.com, inc. All rights reserved. Salesforce.com is a registered trademark of salesforce.com,
More informationNew Single Sign-on Options for IBM Lotus Notes & Domino. 2012 IBM Corporation
New Single Sign-on Options for IBM Lotus Notes & Domino 2012 IBM Corporation IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM s sole
More informationIntegrating LivePerson with Salesforce
Integrating LivePerson with Salesforce V 9.2 March 2, 2010 Implementation Guide Description Who should use this guide? Duration This guide describes the process of integrating LivePerson and Salesforce
More informationHOTPin Integration Guide: Google Apps with Active Directory Federated Services
HOTPin Integration Guide: Google Apps with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as
More information