< All Topics

Login Profile - External Identity Provider or SSO

In this document, we will look into the creation of a login profile to enable authentication using an external identity provider such as Active Directory, IAM identity center, Okta, etc. Further configurations will be required to be done at the identity provider side and you can refer to relevant documentation for the same.

Login Profile

Follow the below steps to create a new login profile to integrate with the external identity provider.

  • Log in to Admin Console as an administrator.
  • Click on Login Profiles from the left menu of the Admin Console.
  • Click on CREATE button from the top right corner.
  • Under the Basic Info tab, provide a name for the title and an optional description.
FTPS Login Profile

Access

  • Provide an IP Address or IP Addresses in the IP Address Restriction field.
  • Choose the language in the Language field. By default it is set to English.

Note – To restrict access to only certain white listed IP address or a range, please refer to Access Restriction with IP Address

au

Authentication

  • Click on the Authentication tab.
  • For the Authentication, select External Single Sign On (SSO) and click on CREATE.
sso

SAML Metadata

For external identity provider integration, you will require SAML metadata from the login profile of NirvaShare. To obtain the SAML metadata for the newly created login profile, follow the below steps.

  • Edit the newly created login profile.
  • Click on the Download Metadata link.
  • This will download the XML metadata file for NirvaShare.
  • This metadata file will be required to configure the external identity provider and please save this file locally for further reference.
acs

Note – At a later stage, you will also require SAML metadata from the identity provider and content of the same has to be pasted in the textbox and saved in the login profile.

ACS and Entity Id/Metadata URL

In most cases, while configuring the identity provider, you can directly upload NirvaShare SAML metadata file that we obtained in previous section, but however with certain identity providers, instead of metadata file, you may require  ACS and metadata URL  In those cases, use the ACS URL mentioned in the login profile. For Entity ID, use the Metadata URL.

Table of Contents