Login Profile - External Identity Provider or SSO
In this document, we will look into the stepwise procedure to create a login profile in order to enable authentication using an external identity provider or SSO such as Microsoft Entra Id (Active Directory), IAM identity center, Okta, etc. Further configurations will be required to be done at the identity provider side and you can refer to relevant documentation for the same.
Login Profile
In order to create a Login Profile in NirvaShare, you can make use of the following steps.
- Log in to the Admin console of NirvaShare as an administrator.
- Click on User Access and then Login Profile from the left menu of the admin console.
- Click on CREATE button from the top right corner.
- Under the Basic Info tab, provide a name for the Login Profile Name and an optional description.
Authentication
- For the Authentication, select External Single Sign On (SSO) and click on CREATE.
SAML Metadata
For external identity provider integration, you will require SAML metadata from the login profile of NirvaShare. To obtain the SAML metadata for the newly created login profile, follow the below steps.
- Edit the newly created login profile.
- Click on Download SP Metadata or you can also copy it to the clipboard to open in a browser tab.
- This will download the XML metadata file for NirvaShare.
- This metadata file will be required to configure the external identity provider. So please save this file locally for further reference.
Note – At a later stage, you will also require SAML metadata from the identity provider and content of the same has to be pasted in the textbox and saved in the login profile.
ACS and Entity Id/Metadata URL
In most cases, while configuring the identity provider, you can directly upload NirvaShare SAML metadata file that we obtained in previous section, but however with certain identity providers, instead of metadata file, you may require ACS and metadata URL In those cases, use the ACS URL mentioned in the login profile. For Entity ID, use the Metadata URL.