AC Cloud Configuration Document

Requirement 

Adeptia Connect supports single sign-on through SAML with multiple IdPs. This document covers integrating Okta single sign-on (the Okta Identity Cloud, an independent and neutral platform) with Adeptia Connect by using SAML.

High-Level Steps

Below are the high-level steps of SAML integration with Okta in AC:

  1. Creating Application in Okta

    1. Sign up in Okta and create a company domain in Okta.

    2. Log in to Okta with your credentials after activating your account through the email Okta sends to your registered email ID.

    3. Click Add Application and create an application with SAML 2.0 as the sign-on method.

    4. Configure General Settings and click Next.

  2. Uploading Connect Portal SP Metadata into Okta Server

    1. Configure the URL of the Connect Portal and the Audience URI (SP Entity ID). To obtain the values for the Single sign-on URL and the Audience URI (SP Entity ID), first open the URL: <protocol_name>://<ip_address>:<port_number>/saml2/service-provider-metadata/<registration_Id>

    2. This downloads the file "spring_saml_metadata.xml".

       For example: https://<<AIG domain name>>/saml2/service-provider-metadata/default

    3. Open the downloaded SAML metadata file and copy the value of "entityID".

       Entity ID

       Login URL

       Logout URL

    4. Configure the feedback option and click the Finish button.

  3. Placing IdP Metadata within Adeptia Connect

    1. When you finish, go to SAML sign on and click View Setup Instructions to see the IdP metadata.

    2. Copy the below IdP metadata and create Idp.xml with this IdP metadata.

    3. Go to the SAML folder in the Adeptia Connect directory and place this file there.

  4. Enabling SAML in Adeptia Connect

    1. Log in to the Connect Portal, enable SAML for the application by using the link below, and restart the Portal microservices.

  5. Assigning and Creating User in Okta and Adeptia Connect

    1. Go to Assignment and assign your app to a user (the same user should be created in Adeptia Connect as a Partner User). Roles can also be configured in Okta; Okta sends them to the Adeptia application as attribute details.

       <saml2:Attribute Name="Roles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
         <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">North America Program Onboarding Design,North America Program Onboarding Approver</saml2:AttributeValue>
       </saml2:Attribute>

    2. Now when you go to the AIG DEV application URL, you are redirected to your Okta sign-in page. Log in to Okta, and you are redirected to the application.

    3. In the application, the user is logged in with the default role assigned at the time of user creation in Adeptia Connect.

    4. If a user has more than one role in the application, the user is given the option, after being redirected to the application, to select the role to log in with.

  6. IDP SSO Initiated URL

    1. After successful integration with Okta, we can also use the IDP SSO Initiated URL to log in to the AIG DEV Adeptia application. Go to the App Embed Link.
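
The values that step 2 has you copy by hand from spring_saml_metadata.xml can also be extracted and sanity-checked with a short script before they are pasted into Okta. This is an added example, not part of the original document or of Adeptia's tooling: the sample metadata, the host connect.example.com, the endpoint paths and the function name are constructed assumptions. It treats the HTTP-POST AssertionConsumerService location as Okta's Single sign-on URL and the entityID as the Audience URI, which is standard SAML usage.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
NS = {"md": MD}

# Constructed sample shaped like SP metadata; host and paths are placeholders,
# not values taken from a real Adeptia Connect installation.
SAMPLE_SP_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://connect.example.com/saml2/service-provider-metadata/default">
  <md:SPSSODescriptor WantAssertionsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://connect.example.com/logout/saml2/slo"/>
    <md:AssertionConsumerService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://connect.example.com/login/saml2/sso/default"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def okta_values_from_sp_metadata(xml_text):
    """Return (values, warnings) for the Okta SAML settings form."""
    # SAML metadata never needs a DTD; refuse it rather than parse entities.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are not expected in metadata")
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % MD:
        raise ValueError("not a SAML 2.0 EntityDescriptor")
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        raise ValueError("no SPSSODescriptor: this is not SP metadata")
    # Okta posts the assertion to the SP, so only HTTP-POST ACS endpoints apply.
    acs = [e for e in sp.findall("md:AssertionConsumerService", NS)
           if e.get("Binding", "").endswith("HTTP-POST")]
    if not acs:
        raise ValueError("no HTTP-POST AssertionConsumerService endpoint")
    slo = sp.find("md:SingleLogoutService", NS)
    values = {
        "audience_uri": root.get("entityID"),
        "single_sign_on_url": acs[0].get("Location"),
        "single_logout_url": slo.get("Location") if slo is not None else None,
    }
    # Endpoints that receive assertions or logout messages should be HTTPS.
    warnings = [f"{k} is not https: {values[k]}"
                for k in ("single_sign_on_url", "single_logout_url")
                if values[k] and urlparse(values[k]).scheme != "https"]
    if sp.get("WantAssertionsSigned", "false").lower() != "true":
        warnings.append("metadata does not set WantAssertionsSigned=true")
    return values, warnings
```

Call `okta_values_from_sp_metadata(open("spring_saml_metadata.xml").read())` on the downloaded file and resolve any warnings before entering the values in Okta.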

Reference: 1.  Okta Documentation Link: https://www.okta.com/integrate/documentation/saml/
