Vivi SAML for Administrators

Similar documents
Egnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS)

Configuring ADFS 3.0 to Communicate with WhosOnLocation SAML

Egnyte Single Sign-On (SSO) Installation for OneLogin

ADFS Integration Guidelines

Only LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.

SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy

CA Nimsoft Service Desk

Configuring EPM System for SAML2-based Federation Services SSO

Configuring Single Sign-on from the VMware Identity Manager Service to WebEx

How To Use Saml 2.0 Single Sign On With Qualysguard

EMR Link Server Interface Installation

To set up Egnyte so employees can log in using SSO, follow the steps below to configure VMware Horizon and Egnyte to work with each other.

Toll Free: International:

Getting Started with AD/LDAP SSO

T his feature is add-on service available to Enterprise accounts.

SchoolBooking SSO Integration Guide

SP-initiated SSO for Smartsheet is automatically enabled when the SAML feature is activated.

DocuSign Single Sign On Implementation Guide Published: March 17, 2016

Business mail 1 MS OUTLOOK CONFIGURATION... 2

WatchDox Administrator's Guide. Application Version 3.7.5

Administering Jive Mobile Apps

HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services

AVG Business SSO Partner Getting Started Guide

Remote Access End User Reference Guide for SHC Portal Access

Single Sign On (SSO) Implementation Manual. For Connect 5 & MyConnect Sites

Connected Data. Connected Data requirements for SSO

Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow

Multi-Factor Authentication Job Aide

Add Microsoft Azure as the Federated Authenticator in WSO2 Identity Server

Configure Single Sign on Between Domino and WPS

Authentication Methods

Security Assertion Markup Language (SAML) Site Manager Setup

Egnyte Single Sign-On (SSO) Installation for Okta

How to create a SP and a IDP which are visible across tenant space via Config files in IS

Sentral servers provide a wide range of services to school networks.

TIB 2.0 Administration Functions Overview

Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x

SCADA Security. Enabling Integrated Windows Authentication For CitectSCADA Web Client. Applies To: CitectSCADA 6.xx and 7.xx VijeoCitect 6.xx and 7.

setup information for most domains hosted with InfoRailway.

How to configure your Desktop Computer and Mobile Devices post migrating to Microsoft Office 365

CHAPTER 1 Exploring Mobile Devices with IMail 1

Livezilla How to Install on Shared Hosting By: Jon Manning

How to connect to NAU s WPA2 Enterprise implementation in a Residence Hall:

Configuring. SugarCRM. Chapter 121

User Guide. Time Warner Cable Business Class Cloud Solutions Control Panel. Hosted Microsoft Exchange 2007 Hosted Microsoft SharePoint 2007

HP Software as a Service. Federated SSO Guide

Active Directory Requirements and Setup

Thank you for using Synapse Hosted Exchange service. Please find the instructions for setting up your clients are below:

Setting up SJUMobile (Wireless Internet Access for personal devices)

RMS Cloud - Setup Instructions for Windows Computers

ATTENTION: End users should take note that Main Line Health has not verified within a Citrix

Business mail 1 MS OUTLOOK RECONFIGURATION DUE TO SYSTEM MIGRATION... 2

Working with Indicee Elements

Agenda. How to configure

Okta/Dropbox Active Directory Integration Guide

Initial DUO 2 Factor Setup, Install, Login and Verification

Office 365 deployment checklists

How to Access Coast Wi-Fi

HP Software as a Service

Single Sign On for ShareFile with NetScaler. Deployment Guide

SHC Client Remote Access User Guide for Citrix & F5 VPN Edge Client

PingFederate. Salesforce Connector. Quick Connection Guide. Version 4.1

Domainz Mail Client Setup User Guide Version July 2011

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

Defender Token Deployment System Quick Start Guide

DocuSign Connect for Salesforce Guide

Getting Started with Clearlogin A Guide for Administrators V1.01

Microsoft Office 365 Using SAML Integration Guide

Configuring Active Directory with AD FS and SAML for Brainloop Secure Dataroom Setup Guide

Tenrox. Single Sign-On (SSO) Setup Guide. January, Tenrox. All rights reserved.

Installation Guides - Information required for connection to the Goldfields Institute s (GIT) Wireless Network

Flexible Identity Federation

Configuring SAML2 for Single Sign On to Smartsheet (Enterprise Only)

ADFS for. LogMeIn and join.me authentication

Update Instructions

Configuration Instructions for non-tcd users of the eduroam service

HOTPin Integration Guide: Google Apps with Active Directory Federated Services

Configuration Guide. BES12 Cloud

Guide to Configuring the UHU Wireless Network for Windows Vista

How to Implement the X.509 Certificate Based Single Sign-On Solution with SAP Netweaver Single Sign-On

I. ECAS Account Initialization

qliqdirect Active Directory Guide

360 Online authentication

Adding Single Sign-On to CloudPassage Halo

Using SAML for Single Sign-On in the SOA Software Platform

SecureAnywhereTM Web Security Service

Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication. Mobile App Activation

Active Directory Federation Services

Protected Trust Directory Sync Guide

Install and End User Reference Guide for Direct Access to Citrix Applications

Managed Devices - Web Browser/HiView

Configuring SuccessFactors

Configuring Single Sign-on from the VMware Identity Manager Service to Dropbox

Client configuration and migration Guide Setting up Thunderbird 3.1

Configuring Salesforce

WHMCS LUXCLOUD MODULE

Microsoft Outlook 2010

Fairsail. Implementer. Single Sign-On with Fairsail and Microsoft Active Directory Federation Services 2.0. Version 1.92 FS-SSO-XXX-IG R001.

Wazza s QuickStart 1. Leopard Server - Install & Configure DNS

Transcription:

Vivi SAML for Administrators Setup Guide This documents outlines the process for configuring your Vivi environment to accept SAML authentication. How Does SAML work? Your organisation s SAML login page will appear in the Vivi client When the user logs in, they will inherit the appropriate roles depending the groups they are already assigned to in your organisation s SAML To enable SAML Log in to the Vivi admin portal using your admin credentials Edit your organisation and you will see a section called Authentication Set the Authentication Type to SAML and hit save Be aware that this will prevent normal login from working unless authentication type is switched back to Vivi Once you have enabled SAML, Vivi creates the metadata URL. This can be used to automatically configure your relying party trust in ADFS. It will look something like this: https://api.vivi.io/api/v1/users/saml_metadata/xxxx-xxxx-xxxx xxxx is your organisation s unique ID.

Set up Claims You will need to log in to your ADFS instance and configure an LDAP claim that provides: username, display name, and email. We need information about group membership to assign permissions. Set up two Send Group Membership as a Claim claims as in above, one for presenters and one for students. Currently, the outgoing claim value must be exactly presenters and students respectively. Finally, clicking the View Rule Language... button in the bottom left of each edit claim window shows the particular IDs used for each claim. You'll need to include these in the information below so that we can extract the claims on our end.

SAML Settings The following information is required for Vivi to enable signing in with your SAML. Please send us this information to help verify it, rather than entering it straight into the admin portal. Setting SAML Default Email Domain SAML SSO URL SAML SLO URL SAML Token-Signing Certificate SAML Name Attribute SAML Email Attribute SAML Group Attribute Description A default email domain to use in case a user has no email address, e.g. myschool.com.au, then emails will be username@myschool.com.au Full URL to your IdP SSO endpoint, e.g. https://dc.example.com/adfs/ls/ Full URL to your IdP SLO endpoint. This may be left blank if this is the same as the SSO endpoint. Exported Token-Signing Certificate from your ADFS, in PEM format. Name used by your IdP for the claim mapping a user's display name, e.g. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name Name used by your IdP for the claim mapping a user's email, e.g. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress SAML Group Attribute: Name used by your IdP for the claim mapping a user's group membership, e.g. http://schemas.xmlsoap.org/claims/group SAML should now be ready to test. Open a version 2.6+ client (or restart if already open) and attempt to sign in with the username and password of an account in one of the appropriate groups. Don t hesitate to contact our Support team should you experience any difficulties.

SAML with WIA (Windows Integrated Authentication) Organisations which use WIA will require a couple of extra steps to get Vivi working for all users. If your organisation is Windows only, there should be no further configuration required however if you need to support other devices, such as Mac, ios and Android you will need to modify your SAML instance. Steps Required: 1. Edit the global settings in your SAML Management Console (Fig 1.) 2. In the Global Authentication Policy pop-up tick Forms Authentication in the Intranet pane. (Fig 2.) 3. In the Vivi Admin Panel, under your Authentication settings set the Force SAML option to True (Fig 3.) When you have completed the above steps, the system will use Forms Authentication as a fallback if WIA is not available for example when connecting an ipad. Fig.1 Edit Global Settings

Fig.2 Check Forms Authentication under Intranet Fig.3 Set the SAML Force Method to Forms in Admin Portal Note: The setting appears in the SAML properties on your organisation page.