SSO SAML
Example Configuration:
[service.local]
protocol = "http"
policy = "failover"
admins = ["admin"]
[service.local.credential]
username = "user"
password = "password"
[[service.local.targets]]
hostname = "b2bmft.stonebranch.com"
port = 9180
Example with Okta
Under your account, create a new App Integration.
Follow the steps:
- Set the application Name:
- SAML Settings
For the callback (POST), use: https://<fqdn>:<port>/service/auth/sso/saml/callback
Example B2B:
https://b2bmft.stonebranch.com:9190/service/auth/sso/saml/callback
Review your configuration under
From this view copy Point 1 and download the certificate
Create the following entry under the Proxy configuration for a service:
[service.local.auth.saml]
file = "udmg-sso-okta.json"
Create a configuration file udmg-sso-okta.json:
{
"entityIssuer": "udmg-sso",
"ssoURL": "https://dev-39492773.okta.com/app/dev-39492773_udmgsso_1/exk9a2wo9rT8orbpj5d7/sso/saml",
"ca": "/config/udmg-okta-sso.cert",
"redirectURI": "https://b2bmft.stonebranch.com:9190/service/auth/sso/saml/callback",
"insecureSkipSignatureValidation": true,
"usernameAttr": "name",
"emailAttr": "name",
"groupsAttr": "groups"
}
Restart the Auth Proxy.
Go to the Admin UI and select the SAML Provider:
Okta documentation:
https://help.okta.com/oag/en-us/Content/Topics/Access-Gateway/add-app-saml-pass-thru-add-okta.htm
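A check to run on udmg-sso-okta.json before restarting the Auth Proxy, added here as an example and not part of the product or the original page. It flags a file that leaves insecureSkipSignatureValidation enabled, as the sample above does, or whose URLs are not https or do not end at the callback path given above. The function name and the rules are this example's own, and reading the key name as "the assertion signature is not verified" is an assumption.

```python
import json
from urllib.parse import urlparse

# Callback path and key names are taken from this page; the rules are this example's own.
CALLBACK_PATH = "/service/auth/sso/saml/callback"
REQUIRED = ("entityIssuer", "ssoURL", "ca", "redirectURI",
            "usernameAttr", "emailAttr", "groupsAttr")

def lint_saml_config(text):
    """Return a list of findings for the provider JSON; an empty list means clean."""
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc}"]
    if not isinstance(cfg, dict):
        return ["top level must be a JSON object"]
    findings = []
    for key in REQUIRED:
        value = cfg.get(key)
        if not isinstance(value, str) or not value.strip():
            findings.append(f"{key}: missing or empty")
    # Assumption from the key name: any value other than false means the
    # assertion signature is not checked against the certificate in "ca".
    if cfg.get("insecureSkipSignatureValidation", False) is not False:
        findings.append("insecureSkipSignatureValidation: signature check is disabled")
    for key in ("ssoURL", "redirectURI"):
        value = cfg.get(key)
        if not isinstance(value, str) or not value.strip():
            continue  # already reported as missing
        url = urlparse(value)
        if url.scheme != "https" or not url.hostname:
            findings.append(f"{key}: must be an absolute https URL")
        elif key == "redirectURI" and url.path != CALLBACK_PATH:
            findings.append(f"redirectURI: path must be {CALLBACK_PATH}")
    return findings

# The configuration file from this page, reproduced as sample input.
PAGE_EXAMPLE = json.dumps({
    "entityIssuer": "udmg-sso",
    "ssoURL": "https://dev-39492773.okta.com/app/dev-39492773_udmgsso_1/exk9a2wo9rT8orbpj5d7/sso/saml",
    "ca": "/config/udmg-okta-sso.cert",
    "redirectURI": "https://b2bmft.stonebranch.com:9190/service/auth/sso/saml/callback",
    "insecureSkipSignatureValidation": True,
    "usernameAttr": "name", "emailAttr": "name", "groupsAttr": "groups",
})

if __name__ == "__main__":
    for finding in lint_saml_config(PAGE_EXAMPLE):
        print("FINDING", finding)
```

Run against the sample file from this page, it reports one finding, for insecureSkipSignatureValidation.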