Enable and Configure Single Sign-On

vinugayathri.chinnasamy@indusface.com Updated by vinugayathri.chinnasamy@indusface.com

Streamline access with Single Sign-On (SSO) on AppTrana WAAP, simplifying login processes for your team and ensuring seamless authentication, eliminating the need for repeated sign-ins.

Part 1: Enable AppTrana WAAP Single Sign-On (SSO)

  1. Log in to the AppTrana WAAP portal and navigate to Manage -> Single Sign-On.

  1. Toggle the Single Sign-On tab to Enabled.

Note down the details displayed on the screen for configuring Okta, your identity provider.

Part 2: Okta Configuration for SSO

Follow the step-by-step guide to create the application on OKTA "https://developer.okta.com/login/".

Generate IDP Metadata file and Certificate
  1. Login to url https://developer.okta.com/login/ with a gmail account or sign-up with an email.
  2. To create an application in OKTA, click on Applications

  1. Click on "Create App Integration"

  1. Select "SAML 2.0", and click "NEXT"

  1. Give any "App Name" as per your convenience, click "NEXT".

  1. In "SAML Setting" enter all the data as mentioned in the below screen shot. (Copied from Part 1)

We have used URL "https://sso.qa-apptrana.com" because the "SSO-SVC" code is deployed on the machine sso.qa-apptrana.com.

  1. Click NEXT
  2.  Select this "I'm an Okta customer adding an internal app" option and click on "Finish".

  1. After "Finish"click on "View IdP metadata" save it with .xml extension and "Download Certificate".

 

  1. After you have an IDP and Certificate file you can upload these files using UI.
Create user and assign it to Application which we created in above step

 

  1. Click on Directory --> People --> Add Person

  1. Fill the respective details of the users you want to add and click on Save.

  1. Once a user is created. Go to Applications --> Assignments --> Assign --> Assign to People

 

  1. Click on Assign to how many users you want to assign to the particular application. Once the assignment of users is completed, click on Done.

Part 3: Configuring AppTrana WAAP Single Sign-On (SSO)

  1. Upload the XML and Certificate downloaded from Okta in Part 2 Setup.

  1. Click Submit to complete the setup.
SSO activation takes effect from the next working day. Users should continue using their username and password to access the AppTrana portal today.

After SSO activation, users with SSO enabled can log in directly to AppTrana using their username.

SAML Integration With Azure 

To configure SAML in AppTrana WAAP, you'll need specific items from Azure. Follow these steps to obtain them:

Required items from Azure 

To set up SAML in AppTrana WAAP, you'll need specific details from Azure. Here's what you'll need to gather:

  • Certificate (Base 64)
  • Login URL
  • Logout URL
Steps to configure SAML 
  1. Create a new application (Only Admin Access can do this): 
  • Sign in to your Microsoft Azure portal as an admin.
  • Navigate to Azure Active Directory, and Go to Enterprise Applications under Manage.
  • Select All Applications, then click New Application. Choose Create your own application.
  1. Add the Application name 
  • Enter a name for your application.
  • Select "Integrate any other application you don't find in the gallery" and click Create.
  • Once you've completed these steps, you'll have access to the required configurations from Azure to set up SAML in AppTrana WAAP.

  1.  Set up WAAP details in Azure for SSO:
  • Go to the "Set up single sign-on" option. Click on "Get Started" as indicated in the screenshot below.

  • Choose the SSO method from the available options. Select the SAML option as shown in the screenshot below

  1. Now, add Identifier (Entity ID) & Reply URL in basic SAML Configuration according to the following steps and screenshot:
  • Click on the Edit option located in the right corner to update the requested URLs.

  1. Next, proceed to Add Attribute: Click on the Edit option as indicated in the screenshot below.

  • Upon clicking, you will be directed to an interface for Attributes & claims, you need to click on the "Add new claim" option as shown in the screenshot below.

  1. After clicking, add the attribute name and attribute value obtained from the WAAP portal’s SSO configuration section.
  •    Add Name as "user.apptrana_username".
  •    Add Source attribute as "user.apptrana_username".

Once added, click Save and Proceed.

  1. Assign Users/Groups to the application:

·       After creating the app, proceed to assign users to access it.

·       Select the recently created application.

·       Navigate to the User and Groups section, as indicated in the screenshot below.

·       Click on the "Add user/group" option.

·       Add the users/groups from the available list of your users to the application and Save.

·       Once saved, all the Azure configurations for the SSO configuration are complete.

  1. Download the SSO application certificates from Azure:

·       Navigate back to the Single sign-on application that you recently created.

·       Scroll down until you find the section labeled "SAML certification".

·       From here, download the Certificate (Base64) and Federation Metadata XML as shown in the screenshot below.

·       Save these files in a folder that is easily accessible.

  1. Upload the download the Certificate (Base64) and Federation Metadata XML downloaded from Azure Setup to the AppTrana WAAP for SSO activation. (Refer: Part 3: Configuring AppTrana WAAP Single Sign-On (SSO))

How did we do?

Manage WAAP Email Alerts

WAF Automated Bypass and Unbypass

Contact

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.