- Only a Druva Cloud administrator can set up Single Sign-on.
- Configure Single Sign-on based on the applicable scenarios:
- New inSync customers (on-boarded after July 14, 2018) must configure Single Sign-on using the Druva Cloud Platform Console. For more information, see Set up Single sign-on.
- Existing inSync customers who have not configured Single Sign-on until July 14th, 2018, must configure Single Sign-on using the Druva Cloud Platform Console. For more information, see Set up Single sign-on.
Configure the OneLogin Druva App
- Login to the One Login console using the url https://app.onelogin.com/login.
- In OneLogin, go to Find Applications and add Druva App to your account.
- In the Configuration tab, enter the Authentication Token from Druva inSync. To generate it, you may follow the below steps:
- Sign into inSync Management Console as an admin.
- Click > Settings and open the Single Sign-On Tab.
- Click TokenSSOGenerate.
- Copy the token to the OneLogin system.
4. Save the settings and close the OneLogin app.
Configure the Druva inSync Cloud to use OneLogin:
1. Open the OneLogin admin page and go to Druva App settings.
2. Navigate to the Single Sign-on Tab and note down the Issuer URL and the SAML Endpoints - HTTP URL
3. Logon to the inSync Management Console and Click > Settings.
4. Open the Single Sign-On tab and click Edit under Single Sign-On Configuration.
5. Please enter the details as given below:
- Enter the HTTP SAML Endpoint in the ID Provider Login URL section.
- Copy the content of the public key certificate that your IdP provided in the ID Provider Certificate section. This certificate ensures that the communication between inSync Master and your IdP is secure.
- To get the security certificate go to One login page > Security > SAML. Copy the x.509 Certificate to the ID Provider Certificate section in inSync Management Console.
- Select the AuthnRequests Signed checkbox, if you want signed SAML Authentication Requests.
By default, SAML Authentication Requests are not signed.
- Select the Want Assertions Encrypted checkbox, if you want to enable encryption for the SAML assertions . By default, encryption is disabled.
- Click Save.
Enable SAML in Druva inSync Cloud
- On the inSync Management Console click Profiles.
- Select the profile for which you want to enable SAML.
- On the General tab, click Edit.
- Under User Privacy & Access section, set Login using to Single Sign-on.
- Click Save.