
SafeNet Trusted Access for WSO2 Identity Server

Overview

Configuring SafeNet Trusted Access for WSO2 Identity Server is a three-step process:

1. WSO2 Identity Server setup

2. SafeNet Trusted Access setup

3. Verify authentication

WSO2 Identity Server Setup

As a prerequisite, download the Identity Provider signing certificate from the SafeNet Trusted Access console by clicking the Download X.509 certificate button. You will need this certificate in one of the steps given below.

Perform the following steps to configure SafeNet Trusted Access as your Identity Provider in WSO2 Identity Server:

1. Log in to WSO2 Identity Server as an administrator using the https://<IP Address or FQDN of WSO2 Identity Server>:<Port No>/ URL.

2. On WSO2 Identity Server Management Console, in the left pane, under Identity Providers, click Add.

3. In the right pane under Add New Identity Provider, perform the following steps:

a. In the Identity Provider Name field, enter a name for the identity provider (for example, SafeNet).

b. In the Display Name field, enter a display name for the identity provider (for example, SafeNet).

c. Under Identity Provider Public Certificate, click Choose File to search and select the identity provider certificate that you downloaded earlier from the SafeNet Trusted Access console.

4. Expand Federated Authenticators.

5. Expand SAML2 Web SSO Configuration and perform the following steps:

a. Select Enable SAML2 Web SSO.

b. In the Service Provider Entity Id field, enter the entity ID of the service provider (for example, localhost).

c. In the Identity Provider Entity Id field, enter the Issuer/Entity ID URL that is provided on the SafeNet Trusted Access console.

You can copy this URL by clicking the Copy to Clipboard icon available next to the Issuer/Entity ID field.

d. In the SSO URL field, enter the SingleSignOnService URL that is provided on the SafeNet Trusted Access console.

You can copy this URL by clicking the Copy to Clipboard icon available next to the SingleSignOnService URL field.

e. In the Authentication Context Class field, select Unspecified.

f. Select or enter values for the remaining fields as per your preferred configuration.

g. Click Register.

6. In the left pane, under Service Providers, click List.

7. In the right pane, click Edit for the service provider (for example, salesforce) that you want to modify.

8. Under Local & Outbound Authentication Configuration, perform the following steps:

a. In the Authentication Type field, select the Federated Authentication option and then, from the drop-down box, select SafeNet as the identity provider that you created in step 3(a).

b. Click Update.

SafeNet Trusted Access Setup

After completing the first step of configuring SafeNet Trusted Access in WSO2 Identity Server, the second step is to activate the WSO2 Identity Server application in SafeNet Trusted Access by performing the following steps:

1. In the Applications pane, the WSO2 Identity Server application that you added previously is in an inactive state by default. To configure and activate this application, click the application (for example, WSO2 Identity Server) and proceed to the next step.

2. Under STA Setup, perform the following steps:

a. In the ENTITY ID field, enter the entity ID of WSO2 Identity Server (for example, localhost).

b. In the ASSERTION CONSUMER SERVICE URL field, enter the assertion consumer service URL of WSO2 Identity Server (for example, https://localhost:9443/commonauth).

c. Enter or select values for the remaining fields as per your preferred configuration.

3. Click Save Configuration to save the details and activate the WSO2 Identity Server application in SafeNet Trusted Access.
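
The Service Provider Entity Id entered in WSO2 Identity Server and the ENTITY ID entered in SafeNet Trusted Access identify the same service provider, so both consoles need the same string. The following Python check is an added example, not part of the product documentation or either product's tooling; the dictionary keys, the function names and the idp.example host are assumptions made up for illustration.

```python
from urllib.parse import urlsplit


def _check_url(label, value, findings):
    """Require an absolute https URL with no leftover <placeholder> text."""
    if "<" in value or ">" in value:
        findings.append(f"{label}: placeholder text left in value")
        return
    parts = urlsplit(value.strip())
    if parts.scheme != "https" or not parts.hostname:
        findings.append(f"{label}: expected an absolute https URL")


def check_federation(wso2, sta):
    """Cross-check the values typed into both consoles; return findings."""
    findings = []
    sp_wso2, sp_sta = wso2["sp_entity_id"], sta["entity_id"]
    if sp_wso2 != sp_sta:
        # Entity IDs are compared as exact strings, so a stray space or a
        # different letter case is enough to make the two sides disagree.
        if sp_wso2.strip().lower() == sp_sta.strip().lower():
            findings.append("entity ID: values differ only by case or whitespace")
        else:
            findings.append("entity ID: WSO2 and STA values do not match")
    if not wso2["idp_entity_id"].strip():
        findings.append("IdP entity ID: empty")
    _check_url("SSO URL", wso2["sso_url"], findings)
    _check_url("ACS URL", sta["acs_url"], findings)
    return findings


# Constructed sample values. "localhost" and the /commonauth URL are the
# page's own examples; idp.example is a placeholder host.
SAMPLE_WSO2 = {
    "sp_entity_id": "localhost",
    "idp_entity_id": "https://idp.example/issuer",
    "sso_url": "https://idp.example/sso",
}
SAMPLE_STA = {
    "entity_id": "localhost",
    "acs_url": "https://localhost:9443/commonauth",
}

if __name__ == "__main__":
    for finding in check_federation(SAMPLE_WSO2, SAMPLE_STA) or ["no findings"]:
        print(finding)
```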

Verify Authentication

Using STA Console

Navigate to the application login URL hosted on WSO2 Identity Server, for example https://example.salesforce.com. Click Use your Safenet credential; you will be redirected to the SafeNet Trusted Access sign-in page. Enter your primary directory login information and approve the two-factor authentication. You should be redirected to the WSO2 Identity Server application after authentication.

Using STA User Portal

Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click the WSO2 Identity Server application icon. You should be redirected to the WSO2 Identity Server application after authentication.

 

© 2018 SafeNet Trusted Access. Various trademarks held by their respective owners.