Skip to content
  • There are no suggestions because the search field is empty.

How can I configure SAML?

  1. Sign in to your cipherscale space administration portal.

  2. Navigate to Teams.

  3. Select the Authentication tab.

  4. Click SAML Configuration for additional configuration.

  5. Set up cipherscale as a Service Provider (SP) in your Identity Provider (IdP). Use the configuration provided in the Cipherscale Metadata section.

    1. The Cipherscale Metadata section provides the Protocol, SP Authentication URL, Valid Redirect URI, and Issuer Name needed for the configuration.

    2. If your IdP accepts a metadata file for configuration, click Download Metadata and use the downloaded file for your configuration

  6. Optionally, customize the label of the authentication button that will appear for users to authenticate with the IdP.

  7. Provide the metadata needed for cipherscale to communicate with the IdP in the Identity Provider Metadata section

    1. Enter an IdP Name

    2. Select one of the three methods to provide the metadata:

      1. For Metadata URL, provide the URL in the field below.

      2. For Metadata XML, copy-paste the XML in the field below.

      3. For Manual Configuration, provide the IdP Authentication Endpoint and copy-paste the IdP X.509 Public Certificate.

  8. In the Connection section:

    1. Select either POST or REDIRECT for the Data Binding Method

    2. Change the Maximum Authentication Lifetime if needed.

    3. Optionally, enter a Logout URL.

  9. In the Reconnecting to Cipherscale section, select whether the existing session with the IdP should be reused or a new session should be started.

  10. In the Send AuthnContexts section, configure the allowed authentication methods.

    1. Toggle the switch to enable/disable sending contexts

    2. From the AuthnContexts drop-down, select one or more values: PasswordProtectedTransport, X509, Paswordless, Kerberos, TLSClient

    3. Click + Add custom value to add AuthContext values not in the list.

  11. Click Next to view the Attribute Mapping section.

  12. In the User attribute mapping section, provide the attributes defined in your IdP that should correspond to cipherscale values for a User’s Group, Email, Firstname, and Lastname.

  13. If you want to automatically update user groups based on group mapping rules every time a user signs in, turn ON the User group sync from IdP toggle switch.

  14. In the User group mapping rules section, add rules to map the value sent in the SAML IdP user group to a corresponding value in the cipherscale group.

  15. In the Unmapped SAML IdP user groups section, select a cipherscale user group to which users are assigned when a mapping rule for the IdP user group cannot be found.

  16. Click Next

  17. Cipherscale will now try to use the metadata provided for the IdP. If successful, you will return to the Authentication tab.