Login Profile - External Identity Provider or SSO
In this document, we will look into the creation of a login profile to enable authentication using an external identity provider such as Active Directory, IAM identity center, Okta, etc. Further configurations will be required to be done at the identity provider side and you can refer to relevant documentation for the same.
Login Profile
Follow the below steps to create a new login profile to integrate with the external identity provider.
- Log in to Admin Console as an administrator.
- Click on Login Profiles from the left menu of the Admin Console.
- Click on CREATE button from the top right corner.
- Provide a name for the title.
- For Authentication, select External Single Sign On (SSO) and click on CREATE.
Note – To restrict access to only certain white listed IP address or a range, please refer to Access Restriction with IP Address
SAML Metadata
For external identity provider integration, you will require SAML metadata from the login profile of NirvaShare. To obtain the SAML metadata for the newly created login profile, follow the below steps.
- Edit the newly created login profile.
- Click on the Download Metadata link.
- This will download the XML metadata file for NirvaShare.
- This metadata file will be required to configure the external identity provider and please save this file locally for further reference.
Note – At a later stage, you will also require SAML metadata from the identity provider and content of the same has to be pasted in the textbox and saved in the login profile.
ACS and Entity Id/Metadata URL
In most cases, while configuring the identity provider, you can directly upload NirvaShare SAML metadata file that we obtained in previous section, but however with certain identity providers, instead of metadata file, you may require ACS and metadata URL In those cases, use the ACS URL mentioned in the login profile. For Entity ID, use the Metadata URL