Enable your CyberArk users to access 1Password SaaS Manager with Single-Sign-On (SSO).
Configuration in CyberArk
Add the Web App
- Navigate to Apps & Widgets > Web Apps and select Add Web Apps.
- Select SAML, then select Add.
- Confirm that you want to add the application.
- Close the Add Web Apps dialog so that you can edit the new app's settings.
Settings
- Enter a Name, for example "1Password SaaS Manager".
- Download the SaaS Manager logo and upload it in the Logo field.
- Enter an Application ID, for example
saas_manager_saml. - If you want users to see the tile in the User Portal, make sure Show in user app list is checked.
- Select Save and move to the Trust tab.
Trust
- Under Identity Provider Configuration, select Copy XML in the Metadata section.
- In a separate browser tab, switch to SaaS Manager, and go to Settings > Users.
- Under Single Sign-On (SSO) > SAML providers, select the New button to add a new SAML identity provider.
- Enter a name (CyberArk) and paste in the XML metadata that you copied to the clipboard above.
- Select Create.
- Now you will need to paste the SAML Entity ID and SAML Assertion Consumer Service (ACS) URL from SaaS Manager into CyberArk.
- Paste them in, and select emailAddress as the NameID Format.
- Select Save and move to the SAML Response tab.
SAML Response
-
You need to add two attributes to map the logged in user's first name and last name.
Attribute Name Attribute Value given_nameLoginUser.FirstName family_nameLoginUser.LastName - Select Save and move to the Permissions tab.
Permissions
Add the relevant users, roles or groups to the Permissions tab. We recommend assigning to a test user before wider deployment.
Make sure the Run and Automatically Deploy checkboxes are selected.
Select Save, and the status should change to Deployed.
Test the connection
From the User Portal, select the 1Password SaaS Manager tile to login.
New users will be provisioned with the role specified under Settings > Users > Default role.
Comments
0 comments
Please sign in to leave a comment.