Skip to main content

How can we help you?

Druva Documentation

How to configure SSO for Druva Cloud Platform using CyberArk as IdP

 

Overview

This article describes the steps to configure SSO for Druva Cloud Platform ( DCP ) using CyberArk as an IdP.
In CyberArk portal, we can configure SSO either using the Default Druva App or a Custom app.


Configuration steps:
·         Configure Using Default Druva App in IdP:
·         Configure using a custom app in IdP.
·         Configure SSO Settings on the Druva Admin console.

Steps to configure using Default Druva app in CyberArk portal

1.    Go to the CyberArk console
2.    Navigate to the admin Portal by clicking the App Launcher.

3.    Go to Web Apps > Click on Add Web Apps > Search for Druva app.

4.    Search for Druva > Click Druva InSync (SAML) > Click Add.
5.    Enter the Token <<SSO TOKEN>>

6.    Click on Trust Tab on the left pane.
7.    Click on Manual configuration. 

8.    Enter the Service Provider Entity ID as:
For Public Cloud: DCP-login
For Gov Cloud: DCP-loginfederal


9.    Enter the Reply URL (Assertion Consumer Service URL) as:
For Public Cloud: https://login.druva.com/api/commonlogin/samlconsume 
For Gov Cloud: https://loginfederal.druva.com/api/commonlogin/samlconsume

Note: Attributes are not present in the Application by default, we will have to create an attribute for "druva_auth_token"

10.    Click on SAML Response tab on the left pane.

11.   Click on Add
Attribute name = druva_auth_token
Attribute value= <<SSO token>>


10.   Click Save.

Note: When using default Druva app, we will have to enter the SSO token in the setting tab “Your SSO token” and then again create a custom attribute for “druva_auth_token” with the value as “<<SSO TOKEN>>, if not done, it will not allow us to proceed further.

As per the Pre-DCP (old) configuration, it uses “insync_auth_token” (hard coded) and fetches the token value from “Your SSO Token “ section, however, in DCP configuration (new), we use “druva_auth_token” and the value is fetched from the value section.

Steps to configure using Custom App in CyberArk portal

1.    Go to the CyberArk console
2.    Navigate to the admin Portal by clicking the App Launcher.
3.    Click on Add Web Apps.
4.    Click on Custom Tab > Scroll to SAML > Click Add

5.    Enter the name as “Druva SSO” or anything as per your preference.

6.    Click on Save
7.    Click on Trust tab on the left pane.
8.    Click on Manual configuration.

9.    Enter the Service Provider Entity ID as:
For Public Cloud: DCP-login
For Gov Cloud: DCP-loginfederal

10.   Enter Reply URL (Assertion Consumer Service URL):
For Public Cloud: https://login.druva.com/api/commonlogin/samlconsume 
For Gov Cloud: https://loginfederal.druva.com/api/commonlogin/samlconsume

Note: Attributes are not present in the Application by default, we will have to create an attribute for "druva_auth_token"

11.    Click on SAML Response tab on the left pane.

12.   Click on Add
Attribute name = druva_auth_token
Attribute value= <<SSO token>>


13.   Click Save.