Salesforce - SAML Relying Party Configuration - RSA Ready Implementation Guide
3 months ago

This article describes how to integrate Salesforce with RSA Cloud Access Service (CAS) using Relying Party.

    

Configure CAS

Perform these steps to configure CAS using Relying Party.
Procedure

  1. Sign in to the RSA Cloud Administration Console.
  2. Click Authentication Clients > Relying Parties.
  3. On the My Relying Parties page, click Add a Relying Party.
  4. On the Relying Party Catalog page, click Add for Service Provider SAML
  5. On the Basic Information page, enter the name for the application in the Name field and click Next Step.
  6. On the Authentication page, choose RSA manages all authentication.
  7. In the 2.0 Access Policy for Authentication drop-down list, select a policy that was previously configured, and then click Next Step.
  8. Under Data Input Method, choose Import Metadata.
  9. Click Choose File and import the metadata downloaded from Salesforce to populate the ACS URL and Service Provider Entity ID.
  10. Under the Message Protection section, choose IdP signs entire SAML response.
  11. Scroll down to the User Identity section and select the following values:
    1. Identifier Type: unspecified
    2. Property: mail

  12. Click Save and Finish.
  13. Click Publish Changes and wait for the operation to be completed.
    After publishing, your application is enabled for SSO. 
  14. Under My Relying Parties, navigate to the newly created relying party.
  15. In the Edit drop-down list, choose Metadata.

     

Configure Salesforce

Perform these steps to configure Salesforce.
Procedure 

  1. Log in to the Salesforce tenant with an administrator account.
  2. Click the gear icon and click Open Advanced Setup.
  3. In the left pane, search for Single Sign-On Settings under the Identity section and click it. 
  4. Click Edit and select the SAML Enabled checkbox, if not selected already, and then click Save.
  5. Choose the metadata file downloaded from RSA and click Create.
  6. Add the downloaded IdP certificate and click Save.
  7. Click Download Metadata.
  8. Navigate to My Domain under Company Settings.
  9. Click Edit under Authentication Configuration, select the checkbox with your configuration name, and then click Save

The configuration is complete.

Related Articles

Trending Articles

Don't see what you're looking for?