Login Profile - External Identity Provider or SSO
In this document, we will look into how to create a login profile to enable authentication using an external identity provider such as ActiveDirectory, IAM identity center, Okta, etc. Further configurations will be required to be done at identity provider side and refer to relevant documentation for the same.
Follow the below steps to create a new login profile to integrate with the external identity provider.
- Log in to Admin Console as an administrator.
- Click on Login Profiles from the left menu of the Admin Console.
- Click on CREATE button from the top right corner.
- Provide a name for the title.
- For Authentication, select External Single Sign On (SSO) and click on CREATE.
Note – To restrict access to only certain white listed IP address or a range, please refer to Access Restriction with IP Address
For external identity provider integration, you will require SAML metadata from the login profile of NiraShare. To obtain the SAML metadata for the newly created login profile, follow the below steps.
- Edit the newly created login profile.
- Click on the Download Metadata link.
- This will download the XML metadata file for NirvaShare.
- This metadata file will be required to configure the external identity provider and please save this file locally for further reference.
Note – Later stage, you will also require SAML metadata from identity provider and content of the same have to be pasted in the textbox and save the login profile.
ACS and Entity Id/Metadata URL
In most cases, while configuring the identity provider, you can directly upload NirvaShare SAML metadata file that we obtained in previous section, but however with certain identity providers, instead of metadata file, you may require ACS and metadata URL In those cases, use the ACS URL mentioned in the login profile. For Entity ID, use the Metadata URL