Red Canary supports single sign-on (SSO) to any SAML-compliant identity provider. OneLogin is a commonly used identity provider that you can use to control access to Red Canary.
- Login to your OneLogin Administration portal.
- Click Apps > Add Apps.
- Search for and select SAML Test Connector (IdP) (the type should be SAML 2.0).
- Set Display Name to Red Canary.
- Click Save.
- Select the Configuration tab.
- Set Audience to the value listed in the Red Canary SSO configuration's Entity / Issuer value.
- Set Recipient to https://<your_domain>.my.redcanary.co/saml_sp/consume
- Set ACS (Consumer) URL Validator to https://<your_domain>.my.redcanary.co/saml_sp/consume
- Set ACS (Consumer) URL to https://<your_domain>.my.redcanary.co/saml_sp/consume
- Select the Parameters tab.
- Click Add Parameter.
- Under Field Name, select Email and check Include in SAML assertion.
- Save all changes in OneLogin.
- Click the SSO tab to find the values you will need to enter into Red Canary.
- Click your user icon at the top right of your Red Canary, and then click Single Sign-On.
- Paste the certificate you downloaded in the previous step into the Identity Provider x509 Cert (Base64 encoded) field.
- Set Identity Provider SSO Target URL to the OneLogin application's SAML 2.0 Endpoint (HTTP).
- Set Identity Provider SLO Target URL to the OneLogin Application's SLO Endpoint (HTTP).
- Set Identity Provider Entity ID to the OneLogin application's Issuer URL.
- Set Email Attribute to Email.
- Check This SSO configuration should be active (found at the top of the page).
- Click Save.
Comments
0 comments
Please sign in to leave a comment.