Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Configuring Single Sign-On (SSO) for SanerNow with AWS

            Modified on Sun, 16 Mar at 4:59 PM

            Pre-requisites for signing in via AWS SSO 

            1. Identity Provider Single Sign-On URL 
            2. X.509 Certificate 
            3. Issuer ID 

            Follow the steps given below to retrieve the information mentioned above. 

            Steps to configure AWS SSO 

            1. Sign in to saner.secpod.com  
            2. Go to Control Panel 
            3. Under Settings, select SSO Authentication 
            4. Click on Download SSO metadata file 

            5.  Open the downloaded metadata file from your browser or a text editor

            6. .Copy and save the Entity ID and ACS URL from the metadata file you downloaded.


              1. Note: The UI may vary as AWS continuously updates its interface. 
              2. Sign in to your organization’s AWS Admin Console. 
              3. Go to AWS IAM Identity Centre 
              4. Click Application Assignments in the left menu, then click on Applications
              5. Click Add Applications, select Add Custom SAML 2.0 application, and click on Next.
              7. Under Configure Applications, enter the display name (eg: SanerNow App) in the Display Name field, enter description. 
              8. Scroll down, under IAM identity center metadata, download the metadata file and the certificate. 
              10. Scroll down and under Application Meta Data, enter Application ACS URL. 
              11. Enter Application SAML audience that is entity ID of SanerNow, then click Submit 

                • Once the application is created, Click on Actions drop down and select Edit Attribute mappings.  
                • Now in the Attribute mapping, for subject select the format as emailAddress and enter the string value in the format “${user:subject}” 
                • Click on Add new attribute mapping 
                • Now enter “Email” under User Attribute. Enter the string value in the format “${user:email}”
              15. Click on Save Changes. 
              16. Copy the Identity Provider Single Sign-On URL and identity provider issuer and X.509 Certificate from the downloaded metadata and certificate file. 
              17. Return to the SSO authentication page in SanerNow 
              18. Configure SSO in SanerNow using the downloaded certificate and copied URLs from AWS by following the steps given below: 
              19. Under SSO Authentication, click on new SSO policy.  
              21.  
              22. Enter Issuer ID, SSO Url and Certificate from AWS SSO.  
              23. Specify the required name and description for the SSO policy 
              24. Enable signed authentication if you have configured it in AWS 
              25. Click on Create 
              26. Steps to Assign users to the app in AWS 
              27. Under Applications, select the application created (SanerNow App). 
              28. Under Assigned Users, click on Assign users. 
              29. Select the required users or group and click on Assign Users.  
              30. Assign SSO policy to SanerNow Users 
              31. Note: Before assigning the users, ensure that the User login ID in SanerNow matches with AWS username 
              32. Go to Control Panel. Click on Users.  
              34. Select the users to whom AWS policy should be applied 
              35. Under Actions, select “Enforce SSO authentication” button 
              36. Select the AWS policy from the drop-down  
              37. Click on Confirm  
              39. Step 1: Log in to SanerNow and then click Control Panel at the top-right to access the Control Panel page. 

                 

                Step 2: All Organizations are selected from the drop-down by default on the control panel page. If the admin has created only one organization, the page will automatically select that organization and show its accounts. 

                 

                Step 3: Click the Users section in the Control Panel. 


              • Step 4: Click New User on the top right corner of the Users page. 
              • Step 5: Specify the Login Id, Name, Organization, and Password. 
              • Step 6: Select the role of the user from the drop-down menu.  
              • Step 7: Select the managing organizations from the drop-down menu 
              • Step 8: To assign SSO Policy to the user, select the created SSO policy from the drop-down. 
              • Step 9: Click the Create button to apply SSO policy to the new user 
              • Test the SAML configuration 
              • Test if the configuration is working properly using the following steps 
              •  
              • Via SP-initiated flow: 
              • Go to SanerNow sign-in page. 
              • Enter your email address, and click Next. You will be redirected to AWS for authentication. 
              • If you have not already signed in to AWS, enter your AWS credentials to sign in. You will be automatically redirected back to SanerNow and will be signed in. 
              • Via IdP-initiated flow: 
              • Sign in to AWS end-user dashboard. 
            9. Click on the SAML app (SanerNow app) you have configured for SanerNow. You will be redirected to SanerNow and will be signed in.



            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0