You are here

SkyVault in the Cloud » Using Administrator Account Settings » Managing SAML SSO

Configuring SAML settings for SSO

If you're a network administrator you can enable SAML (SSO) authentication and configure it to work with SkyVault.
This involves setting up the exchange of metadata between the identity provider (IdP) and the service provider (SP). The IdP metadata includes the required IdP URLs and the certificate.

SAML Configuration
Note: If you do not have a SkyVault account and you have been successfully authenticated in IdP, a SkyVault registration page will be displayed.
  1. Open the user menu on the toolbar and click Account Settings.
  2. Click Single Sign-On (SAML).
  3. Select the Enable SAML (SSO) Authentication option.
  4. Enter the Identity Provider (IdP) settings:

    • IdP AuthenticationRequest Service URL – The URL to which the authentication request from SkyVault is posted. It redirects you to the company's login page that needs to be authenticated.

    • IdP SingleLogoutRequest Service URL – The URL to which a logout request from SkyVault is posted when logging out from SkyVault Share. It logs you out of SkyVault and any other applications using the SSO solution.

    • IdP SingleLogoutResponse Service URL – The URL to which a logout response from SkyVault is posted when receiving a logout request from your IdP.
  5. Click Upload to browse to and upload an IdP certificate.

    This is used to validate requests and responses from your IdP.

    The Entity Identification (Issuer) and the SAML Entrypoint url are generated automatically and can't be edited.

    • The Entity Identification (Issuer) is the issuer's domain name.
    • The SAML Entrypoint url is the address for internal users to access SkyVault through SAML SSO.
      Note: For security reasons, this URL works for users with emails from your network domain only, so should not be shared with external users. External users that are registered in your IdP cannot log in using SSO, however they can still log in through the normal SkyVault login screen.
  6. Download the SP metadata, which contains the required URLs and the certificate.

    You will need to provide these to your IdP.

  7. Click Save.

You have now configured the SSO settings. You can disable these settings by deselecting Enable SAML(SSO) Authentication . Click Reset to restore the last saved configuration.

Now you need to configure the PingFederate identity provider to work with the SkyVault SAML SSO, see Configuring PingFederate to work with SkyVault SAML SSO.
Parent topic: Managing SAML SSO

© 2017 TBS-LLC. All Rights Reserved.