Hello there!

Need Help? We are right here!

support
miniOrange Email Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

SINGLE SIGN ON FOR MENDIX
miniOrange provides a ready to use solution for Mendix. This solution ensures that you are ready to roll out secure access to Mendix to your employees within minutes.

Mendix


Mendix is a Low-code platform which provides necessary tools to build production-ready applications for your business with as much as low code. This platform is aimed to enable almost everyone to build their own applications with as much as a low effort which helps business makers to focus on other business-related stuff. Mendix provides all the necessary set of tools and platform for the entire app lifecycle, way starting from formation of concepts through development and operation, resulting in fully-fledged applications

miniOrange SSO (Single Sign-on) provides secure autologin to all your apps in cloud or on-premise, from any mobile platform including iPhone, Android. It quickly increases the security of information and resources for your Mendix app without worrying about time for initial set up or future upgrades.


Why Single Sign-On?

  • miniOrange SSO has inbuilt integration with Legacy Apps such as Active Directory, Siteminder, Unix, RADIUS and also comes with support for OpenID, OAuth, SAML, ADFS and WSFED protocols.

  • Support for remote Logins such as Radius VPN, Website Protection, ADFS, Windows, Citrix

  • You login to one cloud app and you don't need to authenticate separately to the rest of them.

Workflow -


Single Sign On(SSO) solution for Mendix

1. The user sends the request to access the resource from the application.

2. The Application sends an authentication request to miniOrange.

3. The miniOrange forwards the authentication request to Active Directory via miniOrange Gateway.

4. Active Directory sends the response to application through miniOrange. This response contains the user’s information as well as the authentication status, based on which the user is given access to the resource.

5. Upon successful authentication, the user is given access to the resource.





We can connect with any directory


miniOrange provides user authentication from external directories like Microsoft Active Directory, Azure AD, AWS Cognito etc. It also provides user authentication with other IDPs like Shibboleth, PING, Okta, OneLogin, KeyCloak and many more.



Actually, it's very easy. Let's follow the steps and in the end, we will get your answeres.

  • Click here and log in with your miniOrange account.
  • Navigate to User Stores menu option and click on Add User Store button
Single Sign On(SSO) solution for Mendix

  • Navigate to AD/LDAP tab and choose either of the following two options:
    • STORE LDAP CONFIGURATION IN MINIORANGE: Choose this option if you want to keep your configuration in miniOrange. If active directory is behind a firewall, you will need to open the firewall to allow incoming requests to your AD.
    • STORE LDAP CONFIGURATION ON PREMISE: Choose this option if you want to keep your configuration on your premises and only allow access to AD inside premises. You will have to download and install miniOrange gateway on your premises.
Single Sign On(SSO) solution for Mendix

  • Now, provide the following values:
  • Directory Type:Active Directory
    LDAP Server URL:Your AD server URL or IP address
    Bind Account DN:Please perform below steps
    Bind Account Password:Please perform below steps
    Search Bases:Please perform below steps
    Search Filter:Please perform below steps

  • Go to AD FS-> Domain-> respective Users -> Properties-> Attribute Editor. Now copy the value of distinguishedName and paste it against Bind Account DN.

Single Sign On(SSO) solution for Mendix

  • Enter the valid password for the user from above the step.
  • Search Base is a user search location. It means where to search for a user.
Single Sign On(SSO) solution for Mendix

  • If you want to add extra conditions on user search you can add it in Search Filter. If you are not sure what to add, then add (&(objectClass=*)(cn=?)).
Single Sign On(SSO) solution for Mendix

  • Click on save. After this, it will show you the list of User stores. Click on Test Configuration to check whether you have entered valid details. For that, it will ask for username and password.
Single Sign On(SSO) solution for Mendix SAML Solution


you have successfully connected active directory to the miniOrange. Now its time to connect your mendix application and miniOrange.




It can be configured by following the steps given below -

  • 1. Create a mendix application.
  • 2. Add ‘SAML Module’ from mendix app store using this link

Note - Not all versions of the SAML module will work correctly when implementing SSO for your hybrid app. Please make sure you use a version of the SAML module that is capable of creating mobile app tokens (that is, version 1.9.3 or above). We recommend updating the SAML module to the latest version available and if needed, updating the Mendix version of your application.


  • Create an app in mendix that will run on the local machine, you can configure specific runtime like localhost:8081 for app.
  • Add a SAML Module into the app. You can download it from the link.
  • Run mendix app and follow the documentation to set up sp metadata.
  • Download service provider metadata.

Single Sign On(SSO) solution for Mendix SAML Solution


Now configure a SAML app in miniorange. To do that follow the steps-

  • Navigate to the admin dashboard.
  • Go to Apps >> Manage Apps. Click Configure Apps button.
  • Click on the SAML tab. Select custome app. You will see the below screen.

Single Sign On(SSO) solution for Mendix SAML Solution


  • Click on import metadata and upload the metadata file which is download above.
  • Select NameId: as email address and NameID format you require.
  • You can add some extra attributes like first-name and last-name by clicking ‘add attributes’.
  • Select Group Name as DEFAULT.
  • Fill the policy name.
  • Select first factor type from the dropdown and click on the save button.

Single Sign On(SSO) solution for Mendix SAML Solution



After saving the app details, an app will be configured in miniorange with metadata as you can see in below image -



Single Sign On(SSO) solution for Mendix SAML Solution



  • Click on ‘metadata’ which will take you to idp metadata page.

Single Sign On(SSO) solution for Mendix SAML Solution


  • Take entity id , certificate and saml login url and fill them in service provider configuration in mendix app.
  • Now you can test configuration and see if they are successful or not as shown below.

 Single Sign On(SSO) solution for Mendix SAML Solution


If it shows green tick under the Request and Response columns as shown in the above image, then SSO is performed successfully.




We offer Security Solutions of Single Sign-On, Two Factor Authentication, Fraud Prevention and much more.

Please call us at +1978 658 9387 (US), +91 77966 99612 (India) or email us at info@xecurify.com