Search here...
Help Center
< All Topics

Prolaborate and IBM Security Access Manager Integration

Posted

Prolaborate and IBM Security Access Manager Integration

Prerequisites

Your Prolaborate site should have a valid SSL Certificate.

If you don’t have an SSL Certificate, you can create a self-signed certificate yourself. Please get in touch with the Prolaborate team to know more about it.

Service Provider Configuration

To configure the Service Provider, click on Menu → SAML Single Sign On.

SAML Single Sign On


SAML Single Sign On
SAML Single Sign On

From the top of the page that opens, click on Enable SSO.

enable-sso


enable-sso
enable-sso

Under Service Provider Configuration,

service provider configuration


service provider configuration
service provider configuration

Name The name will be prefilled
Assertion Consumer URL Assertion Consumer URL will be Prefilled
Certificate File Choose the .pfx file of your SSL certificate
Certificate Password Enter the Password of the .pfx file

Configuring Prolaborate in IBM Security Access Manager

The following sections will elaborate on the steps involved in setting up Prolaborate in IBM Security Access Manager.

Create a new SAML Application

To create a SAML application, follow the below steps:

Sign into the IBM Security Access Manager using your administrator account

Click Application in the landing page.

Add Application


Add Application
Add Application

Click on Add application to create your customised application

Click Add an Application


Click Add an Application
Click Add an Application

It will navigate you to the below page. In there, select Custom Application and Click Add.

custom application


custom application
custom application

Define your Custom Applications name and Company name.

Application Name


Application Name
Application Name

Add application “Owner”.

Application Name


Application Name
Application Name

Users get a Modal window to add Owner. Select the owner and click OK.

search user


search user
search user

SAML Single sign-on Configuration

Follow the below steps to configure SAML Single sign-on and get the required information that is needed to configure from the Prolaborate part:

In the SAML Configuration page enter the details in the respective fields as mentioned in the below table.

Provider ID In this field copy & paste the Name from the Prolaborate Service Provider configuration
Assertion Consumer Service URL(HTTP_POST) In this field copy & paste the Assertion Consumer URL (ACU) from the Prolaborate Service Provider configuration
Single logout URL (HTTP_POST) In this field copy & paste the Sign Out URL from the Prolaborate Service Provider configuration
IDP-Details


IDP-Details
IDP-Details

signout url


signout url
signout url

Configure Attributes Mapping in Prolaborate

To configure the Attribute Mapping in Prolaborate, set up the below given Attributes format on IBM attribute mappings.

To use the SAML User groups in the Prolaborate. kindly choose the User group attribute from the dropdown and paste it in the Prolaborate SAML configuration.

attribute mappings


attribute mappings
attribute mappings

Copy the IBM Attributes Name and paste them into Prolaborate Attributes Mapping.

attribute mapping prolaborate


attribute mapping prolaborate
attribute mapping prolaborate

Download Signed Certificate for upload

Download Certificate file. This certificate will be used in the Identity Provider configuration in Prolaborate.

attribute mapping prolaborate


attribute mapping prolaborate
attribute mapping prolaborate

Download Federation Metadata XML by click link as shown in the below image. You can avail Entity ID URL, Single Sign-On Service and Single Logout Service URL from this file, which will be used as Name and Sign out URL in Identity Provider configuration in Prolaborate

federation certificate


federation certificate
federation certificate

Configure Identity Provider in Prolaborate

Navigate back to Prolaborate and click on Menu → SAML Single Sign On. Follow the steps to fill in the details in Identity Provider (IDP) Configuration.

idp configuration


idp configuration
idp configuration

1) Fill the Name field using the Entity ID URL from the downloaded Federation Metadata XML file.

Entity ID


Entity ID
Entity ID

2) Fill the Sign in URL field using SingleSignOnService URL from the downloaded Federation Metadata XML file.

signin url


signin url
signin url

3) Fill the Sign Out URL field using Single Logout Service URL from the downloaded Federation Metadata XML file.

sign out url


sign out url
sign out url

4) Certificate File: Copy this value and save the file as .cer format.
Choose the .cer file in the SAML Signing Certificate section.

certificate save


certificate save
certificate save

Configure Default Access Control Profile in Prolaborate

Access Control Profiles let you define repository access rules and default user group membership for users added via SSO or Sign up.

To create an Access Control Profile, click on Menu > Access Control Profiles under portal settings. Click here to know more.

Log in with IBM Credentials

Once the configuration is done, users will see a new button on the login page called Login with SSO.

sso-login


sso-login
sso-login

When users click on Login with SSO, it will be redirected to an URL as per configuration.

IBM login screen


IBM login screen
IBM login screen

Now enter the IBM Security Access Manager credentials to login to Prolaborate.

If you’re experiencing challenges signing in using SSO, go at SAML Assertion Validation to debug the SAML configurations.

Logging out from Prolaborate

When a user logs out from Prolaborate, the user will be logged out from all applications signed in using their SSO credentials.

sparxsystems-logo-inverted

Africa
Asia
Europe
Middle East
North America
Oceania
South America

Follow Us On

Start Here
Solutions
Customers
Resources
© Copyright 2024 | All Rights Reserved
Sparx Systems | EULA | Privacy Policy | Compliance and Trust
Book a Demo