View Source

Configure SAML Role Permission

Navigate to Groups & Settings > All Settings > System > Enterprise Integration > Directory Services.

Under Advance Enable 'Use SAML for Authentication

DualShield MFA Platform > Workspace One Configuration > VM13.png

Upload the IDP metadata file that you had downloaded in the previous section Obtain the IDP Metadata File.

DualShield MFA Platform > Workspace One Configuration > VM14.png

The fields regarding IDP Suingle Sign-On URL; Sp Assertion and Certificate will autopoulate.

Leave other settings such as NameID Format as default.

DualShield MFA Platform > Workspace One Configuration > Thycotic 6.png

Configure SAML SSO:

Navigate to Admin > Configuration.

Click the SAML tab

Click the Edit button in the SAML General Settings section.

Click to select the SAML Enabled check box.

Click the Save button.

DualShield MFA Platform > Workspace One Configuration > Thycotic 7.png

Click the Edit button in the SAML Service Providers section.

Type a name for your service provider, in the Name text box.

Click the Select Certificate link. The Upload Certificate popup appears:

Click the Upload Certificate button to upload your commercial SSL certificate (Usually in pfx format)

Type Password

Click OK.

Click on Download Service Provider Metadata.

DualShield MFA Platform > Workspace One Configuration > Thycotic 8.png

Under Identity Providers click on Create New Service Provider

Click Import IDP from XML Metadata and select the IdP metadata.xml file you saved previously. (refer to Obtain the IDP Metadata File section)

DualShield MFA Platform > Workspace One Configuration > Thycotic 11.png