Live Webinar: Unified IAM, PAM & CIAM for Modern Security. Register Now
  Login  
Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

Configure CyberArk as SAML IDP for SSO

miniOrange Identity Broker service solution enables cross protocol authentication. You can configure CyberArk as an IDP for Single Sign-On (SSO) into your applications/websites. Here, CyberArk will act as an Identity Provider (IDP) and miniOrange will act as a broker.

We offer a pre-built solution for integrating with CyberArk, making it easier and quick to implement. Our team can also help you set up CyberArk as SAML IDP to login into your applications.

Get Free Installation Help


miniOrange offers free help through a consultation call with our System Engineers to configure SSO for different apps using CyberArk as IDP in your environment with 30-day free trial.

For this, you need to just send us an email at idpsupport@xecurify.com to book a slot and we'll help you in no time.



Prerequisites

Please make sure your organisation branding is already set under Customization >> Login and Registration Branding in the left menu of the dashboard.


Follow the Step-by-Step Guide given below for CyberArk Single Sign On

1. Configure miniOrange as Service Provider in CyberArk

  • Go to miniOrange Admin console and navigate to Identity Providers in the left navigation menu. Then, click on Add Identity Provider button.
    • CyberArk IDP: Add Identity Provider

  • In Choose Identity Provider, select SAML from the dropdown.
    • CyberArk IDP: Select SAML from dropdown

  • Search for CyberArk in the list. If you don't find it, search for SAML Provider and set up your application there.
    • CyberArk IDP: Search CyberArk

  • Now click on the Click here link to get miniOrange metadata as shown in Screen below.
    • CyberArk IDP : Get miniorange metadata

  • For SP - Initiated SSO section, select Show Metadata Details.
    • CyberArk SAML IDP : SP intiated Metadata

  • Click on Downlaod Metadata. Keep them handy. We'll use these to configure miniOrange as a Service Provider in CyberArk next.
    • CyberArk SAML IDP : Keep it handy SP Metadata details

  • Now login with your CyberArk Administrator credentials.
    • SAML Single Sign-On (SSO) using CyberArk (IdP),login page

  • Navigate to the Web Apps under Apps.
    • SAML Single Sign-On (SSO) using CyberArk (IdP),sso page

  • Click on Add Web Apps.
    • SAML Single Sign-On (SSO) using CyberArk(IdP),add application

  • Click on Custom button, select SAML app and click on Add.
    • SAML Single Sign-On (SSO) using CyberArk (IdP),add saml

  • Click on Yes to add SAML app.
    • SAML Single Sign-On (SSO) using CyberArk (IdP),add application

  • Under Settings, enter the following:
    Name Enter a label for Service Provider.
    Description Enter description for your application.
    Logo Enter logo for your application.
    • SAML Single Sign-On (SSO) using CyberArk (IdP),sso settings

  • Click on Trust and click on the Download Metadata File. Keep this downloaded metadata file. We'll need it for Step 2.
    • SAML Single Sign-On (SSO) using CyberArk(IdP),download metadata

  • Upload the miniOrange metadata by clicking on Choose File. Click on Save.
    • SAML Single Sign-On (SSO) using CyberArk (IdP),metadata

  • To assign user to your application , click on Permissions and click on Add.
    • SAML Single Sign-On (SSO) using CyberArk (IdP)

  • Search for User, Group, or Role to assign user for the application and perform SSO.
    • SAML Single Sign-On (SSO) using CyberArk (IdP)

  • Click on Add button.

2. Configure CyberArk as Identity Provider in miniOrange

  • Return to the miniOrange Admin Console tab you kept open from Step 1.
  • On the Metadata tab, click the Click here link to configure your IDP.
    • CyberArk SAML IDP : Click here to configure IDP

  • Click on Import IDP Metadata button.
    • CyberArk SAML IDP : Click on Import IDP Metadata

  • Enter IDP Name. Select File radio button and upload the CyberArk metadata downloaded in Step 1.
  • Click on Import.
    • CyberArk SAML IDP : After click Import button auto fetch all the details

  • To auto-fill all the details, scroll to the bottom and click Save to complete the CyberArk IDP configuration.
    • CyberArk SAML IDP : scroll to click Save to apply the changes

3. Test Connection

  • Visit your Login Page URL.
  • Go to Identity Providers tab.
  • Search for your app, click the three dots in the Actions menu, and select Test Connection against the Identity Provider (IDP) you configured.
    • CyberArk-IDP-TestConnection

  • On entering valid CyberArk credentials (credentials of user assigned to app created in CyberArk), you will see a pop-up window which is shown in the below screen.
    • SucessTestConn-CyberArk-IDP

  • Hence your configuration of CyberArk as IDP in miniOrange is successfully completed.

Note:

You can follow this guide, if you want to configure SAML/WS-FED, OAuth/OIDC, JWT, Radius etc


Configure Attribute Mapping

  • Go to Identity Providers.
  • Click the three dots in the Actions menu, and select Attribute Mapping against the Identity Provider (IDP) you configured.
    • CyberArk Single Sign-On SSO Select and Configure Attribute Mapping


Maps information, such as email and username, during Just-In-Time (JIT) user creation. Email and Username attributes are necessary to create the user profile.

  • Click on the + Add Attribute button to add the attribute fields.
    • CyberArk Single Sign-On SSO Map USER Attribute

  • Check the attributes in the Test Connection window from the previous step. Choose any attribute names you want to send to your application under Attribute Name sent to SP.
  • Enter the values of the attributes coming from IdP into the Attribute Name from IdP field on the Xecurify side.

EXTERNAL mappings help alter incoming attribute names before sending them to apps, ensuring that the data is in the correct format.

  • Click on the + Add Attribute button to add the attribute fields.
    • CyberArk Single Sign-On SSO Map EXTERNAL Attribute

  • Check attributes in test connection window from last step. Enter the attribute names (any name) that you want to send to your application under Attribute Name sent to SP.
  • Enter the value of attributes that are coming from IdP into the Attribute Name from IdP field on the Xecurify side.

Configure Multiple IDPs:

You can follow this guide, if you want to configure multiple IDPs (Identity Providers) and give users the option to select the IDP of their choice to authenticate with.




Want To Schedule A Demo?

Request a Demo
  



Our Other Identity & Access Management Products

Single Sign-On

Seamless login for workforce and customer identity to cloud or on-premise apps

Learn more

Multi-factor Authentication

Secure access for identities with an additional layer of authentication

Learn more

Adaptive Authentication

Block or grant user access based on IP, Device, Time & Location

Learn more

Lifecycle Management

Manage & automate user provisioning and deprovisioning to apps

Learn More