How to add the SAML provider to senhasegura
To finish setting up SSO for remote users in senhasegura, you need to add the SAML provider. In this article, you'll find a step-by-step guide for this task.
senhasegura partnered with Okta to develop this documentation. The steps may vary and require adaptation for use with other providers.
Step 1: Collect information
- In your Okta account, go to the administration area.
If you don't automatically enter the administration area, click the Admin button in the top right corner of the screen.
- In the top left corner menu, select Applications > Applications.
- Find the senhasegura SAML application that you integrated.
- Click on the application.
- In the Sign On tab, locate the Metadata details field.
- Copy the displayed URL to use in the next step.
- Still on the Sign On tab, click More details.
- Locate the Sign on URL field.
- Copy the displayed URL to use in the next step.
Step 2: Choose the environment to register the SAML provider
senhasegura allows two types of environments for SAML provider registration:
- SAML Provider in the Domum Remote Access environment: SSO access for internal users and third-party users via Domum.
- SAML Provider in the Local environment: SSO access only for internal users via the local network. This option suits internal users already connected to the company's internal network.
It’s possible to register both environments for internal users. However, this requires creating a separate application for each environment in the Okta provider. The system won’t allow registering the same application for both the Local and Domum Remote Access environments.
Option 1: Add the SAML provider for access
This provisioning is exclusively for internal users.
- Access the senhasegura platform.
- In the top left corner, click Grid Menu, indicated by the nine-square box, and select Settings.
- On the side menu, select Authentication > SAML > Providers.
- In the top right corner, click the three vertical dots icon (View Actions) and select + New provider.
- In the registration window, fill in the Main Information tab:
  - In the Type* field, select Okta.
  - In Enable*, check Yes.
  - In Environment*, check Local.
  - In Entity ID*, enter the name registered in the General Settings when creating the application. Example: MyAppExample
  - In SAML provider metadata URL*, paste the value Okta automatically generated in the Metadata details field. Example: https://trial-3650301.okta.com/app/exk6r8qx6pDaZv6IP697/sso/saml/metadata
  - In Domain or public IP for URL Redirection*, enter the senhasegura default URL. Example: https://mysenhasegura.com
    Caution: Don’t add a slash (/) at the end of the URL.
  - The system will automatically complete the Redirect URL* field.
  - In SSO Login URL (Sign-in URL)*, paste the value Okta automatically generated in the Sign on URL field. Example: https://trial-3650301.okta.com/app/trial-3650301_testesso1_1/exk6r8qx6pDaZv6IP697/sso/saml
  - In SSO Logout URL (Sign-out URL), enter the URL of the Okta application. Example: https://trial-3650301.okta.com/
  - In Redirect binding type, select REDIRECT.
- In the Security SAML tab:
  - Download the provider's certificate and copy its content.
  - In Certificate (PEM format): paste the certificate content.
    Info: If you haven't saved the certificate information, you can find it, in this example, in the Okta administration area.
- Click Save.
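Added example, not part of the senhasegura or Okta documentation: a pre-flight check that reads SAML IdP metadata (the kind of XML served at the Metadata details URL) and derives the SSO Login URL and the PEM-wrapped signing certificate, while enforcing the no-trailing-slash rule for the redirection URL. The sample metadata, the idp.example.test host and the `provider_fields` name are constructed for illustration, and the HTTPS requirement is an assumption.

```python
import base64
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# Constructed sample metadata (hypothetical IdP host). The certificate body is
# placeholder bytes, not a real X.509 certificate.
FAKE_CERT_B64 = base64.b64encode(b"constructed-placeholder-certificate " * 4).decode()
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" entityID="http://idp.example.test/sample">
 <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="signing"><ds:KeyInfo xmlns:ds="{NS['ds']}"><ds:X509Data>
   <ds:X509Certificate>{FAKE_CERT_B64}</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.example.test/app/sample/sso/saml"/>
  <md:SingleSignOnService Binding="{REDIRECT}" Location="https://idp.example.test/app/sample/sso/saml"/>
 </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def provider_fields(metadata_xml, redirect_base):
    """Return form values derivable from IdP metadata, after basic checks."""
    base = urlparse(redirect_base)
    # Assumption of this example: the redirection URL is served over HTTPS.
    if base.scheme != "https" or not base.netloc:
        raise ValueError("redirection URL must be an https:// URL")
    if redirect_base.endswith("/"):
        raise ValueError("redirection URL must not end with a slash")
    idp = ET.fromstring(metadata_xml).find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("metadata has no IDPSSODescriptor")
    sso = [s.get("Location") for s in idp.findall("md:SingleSignOnService", NS)
           if s.get("Binding") == REDIRECT]
    cert = idp.find("md:KeyDescriptor[@use='signing']//ds:X509Certificate", NS)
    if not sso or cert is None or not cert.text:
        raise ValueError("metadata lacks a redirect endpoint or signing certificate")
    body = "".join(cert.text.split())
    base64.b64decode(body, validate=True)  # reject a truncated or mangled paste
    lines = [body[i:i + 64] for i in range(0, len(body), 64)]
    pem = "\n".join(["-----BEGIN CERTIFICATE-----", *lines, "-----END CERTIFICATE-----"]) + "\n"
    return {"sso_login_url": sso[0], "certificate_pem": pem}


if __name__ == "__main__":
    print(provider_fields(SAMPLE_METADATA, "https://mysenhasegura.com"))
```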
Option 2: Add the SAML provider for access via Domum
This provisioning works for both internal and third-party Domum users.
- Access the senhasegura platform.
- In the top left corner, click Grid Menu, indicated by the nine-square box, and select Settings.
- On the side menu, select Authentication > SAML > Providers.
- In the top right corner, click the three vertical dots icon (View Actions) and select + New provider.
- In the registration window, fill in the Main Information tab:
  - In the Type* field, select Okta.
  - In Enable*, check Yes.
  - In Environment*, check Domum Remote Access.
  - In Entity ID*, enter the name registered in the General Settings when creating the application. Example: MyAppExample
  - In SAML provider metadata URL*, paste the value Okta automatically generated in the Metadata details field. Example: https://trial-3650301.okta.com/app/exk6r8qx6pDaZv6IP697/sso/saml/metadata
  - In Domain or public IP for URL Redirection*, enter the senhasegura default URL. Example: https://mysenhasegura.com
    Caution: Don’t add a slash (/) at the end of the URL.
  - The system will automatically complete the Redirect URL* field.
  - In SSO Login URL (Sign-in URL)*, paste the value Okta automatically generated in the Sign on URL field. Example: https://trial-3650301.okta.com/app/trial-3650301_testesso1_1/exk6r8qx6pDaZv6IP697/sso/saml
  - In SSO Logout URL (Sign-out URL), enter the URL of the Okta application. Example: https://trial-3650301.okta.com/
  - In Redirect binding type, select REDIRECT.
- Click Save.
Now, senhasegura can offer SSO login for internal users, and the access provider will take care of the authentication.