Need Help? We are right here!
Thanks for your inquiry.
If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com
Search Results:
×Surfconext Single Sign-On login provides secure auto-login to your Surfconext app. Users can sign-in using any IDP of their choice which verifies the identity credentials of the users & grants access.
miniOrange SSO solution also acts as an identity broker for cross protocol authentication, which means Service Provider following a particular SSO protocol can connect to an Identity Provider following some different SSO protocol like SAML,OAuth etc. Once configured successfully you will be ready to securely access your website/application using SURFconext IDP.
miniOrange offers free help through a consultation call with our System Engineers to configure SSO for different apps using API authentication in your environment with 30-day free trial.
For this, you need to just send us an email at idpsupport@xecurify.com to book a slot and we'll help you in no time.
IdP Entity ID | Identity Provider Issuer from Bitium |
SAML SSO Login URL | Identity Provider Single Sign-On URL from Bitium |
X.509 Certificate | X.509 Certificate from Bitium |
Single Logout URL [Optional] | Single Logout URL from Bitium |
Domain Mapping | Can be used to redirect specific domain user to specific IDP |
Show IdP to Users | Enable this if you want to show this IDP to all users during Login |
Send Configured Attributes | Enabling this would allow you to add attributes to be sent from IDP |
Protocol | SAML 2.0 |
From existing entity | No, create blank registration form |
Single sign on URL | ACS URL |
Audience URI (SP Entity ID) | Entity ID or Issuer |
You have successfully configured SURFconext as SAML IdP (Identity Provider) for achieving Single Sign-On.
If you have already configured your application in miniOrange you can skip the following steps.
Service Provider Name | Choose appropriate name according to your choice |
SP Entity ID or Issuer | Your Application Entity ID |
ACS URL X.509 Certificate (optional) | Your Application Assertion Consumer Service URL |
NameID Format | Select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress |
Response Signed | Unchecked |
Assertion Signed | Checked |
Encrypted Assertion | Unchecked |
Group policy | Default |
Login Method | Password |
Client Name | Add appropriate Name |
Redirect URL | Get the Redirect-URL from your OAuth Client |
Description | Add if required |
Group Name | Default |
Policy Name | As per your Choice |
Login Method | Password |
Note: Choose the Authorization Endpoint according to the identity source you configure.
https://{mycompany.domainname.com}/moas/idp/openidsso
https://{mycompany.domainname.com}/broker/login/oauth{customerid}
In case you are setting up SSO with Mobile Applications where you can't create an endpoint for Redirect or Callback URL, use below URL.
https://login.xecurify.com/moas/jwt/mobile
Few usecases where customers configure multiple IDPs -
For Cloud IDP - | https://login.xecurify.com/moas/discovery?customerId=<customer_id> |
For On-Premise IDP - | https://yourdomain.com/discovery?customerId=<customer_id> |
You can see the screenshot below of the IDP Selection Page with a list of IDPs.
Note: To view the IDP in drop-down list, go to Identity Providers tab > against your configured IDP > Select >Edit , here Enable the Show IdP to Users option.
Our Other Identity & Access Management Products