Search Documentation
Table of Contents
< All Topics

SSO Configuration for AdminConsole

In this document, we will look in to the required configurations needed to configure AdminConsole to enable SSO using external identity providers such as ActiveDirectory, IAM Identity Center, Okta, etc.

Prerequisites

Make sure, you have the SAML metadata file of the external identity provider.

NirvaShare Configuration​

  • Login to NirvaShare AdminConsole and click on Users & Roles tab.
  • Edit the existing Default Role
  • In the Access Settings, select the Full Access checkbox and click UPDATE. Later you can change the access to default logins.
  • SSH to Linux terminal where NirvaShare is installed, create a file with the below path and filename. Make sure you login as root user.
/var/nirvashare/config.properties
  • Add the following entries in to the file.
ns_external_idp=true
ns_auto_create_user=true
ns_saml2_sp_company_name= <Your company name>
ns_saml2_sp_email=<your contact email id>
ns_saml2_sp_domain_url=https://<adminconsole domain name>
  • Make sure you replace with a proper values for attributes names
    ns_saml2_sp_company_name
    ns_saml2_sp_email
    ns_saml2_sp_domain_url
  • Save the config.properties.
  • Copy the SAML metadata file obtained from external identity provider to here in the same folder with filename as idp-metadata.xml as shown below.
/var/nirvashare/idp-metadata.xml
  • Restart Admin Console service using below command
docker restart nirvashare_admin

NirvaShare SAML Metadata

In case you require the SAML metadata file of NirvaShare AdminConsole for configuring External Identity Provider, the same can be obtained using the below URL Make sure to mention your domain name.

Metadata URL - https://admin.yourcompany.com/saml/0/metadata

Save the content of above URL in to local file system. This will be the SAML metadata file of Admin Console of NirvaShare.

Certain external Identity Providers may instead require ACS and Entity Id URLs instead of metadata file. In those cases, please refer to below URLs.

ACS URL - https://<your domain>/saml/0/acs
Entity Id URL - https://<your domain>/saml/0/metadata