Page Comparison

...

UDMG Authentication Proxy enables Web Browser Single Sign-On (SSO) on the UDMG Admin UI through Security Assertion Markup Language 2.0 (SAML 2.0).

SAML 2.0 is an XML-based protocol for exchanging security information between a SAML Identity Provider and a SAML Service Provider.

As a SAML Service Provider, UDMG Authentication Proxy accepts authentication assertions from a configured SAML Identity Provider compliant with the SAML 2.0 Web Browser Single Sign-On profile.

SAML Single Sign-On eliminates the need for application-specific passwords. UDMG Admin UI issues an authentication request to the configured Identity Provider, through the web browser, for any unauthenticated user accessing the UDMG Admin UI web application through the selected service and provider on the login page.

UDMG Authentication Proxy uses SAML Single Sign-On for authentication and User Provisioning. All user and group authorization must be configured within UDMG through Permission assignment.

Example Configuration:

[service.local]
protocol = "http"
policy = "failover"
admins = ["admin"]

[service.local.credential]
username = "user"
password = "password"

[[service.local.targets]]
hostname = "<fqdn>"
port = <port>

Example with Okta App Integration

Before you begin, the Single sign on URL (SAML Post URL location, or callback URL) must be determined.

It will be in the form https://<FQDN>:<PORT>/service/auth/sso/saml/callback, where FQDN and PORT are the name and port for the host where the UDMG Authentication Proxy and NGINX server are installed.

For example https://udmg.stonebranch.com:8080/service/auth/sso/saml/callback.

To configure the SAML integration on Okta, follow these steps:

...

• Enter an App name such as UDMG SSO and click Next:

• In Configure SAML step, in the SAML Settings section, enter value for 

  Single sign on URL

  
  

• Keep the other default setting and click Next.

...