Search here...
< All Topics

Prolaborate and IBM Security Access Manager Integration


Your Prolaborate site should have a valid SSL Certificate.

If you don’t have an SSL Certificate, you can create a self-signed certificate yourself. Please get in touch with the Prolaborate team to know more about it.

Service Provider Configuration

To configure the Service Provider, click on Menu → SAML Single Sign On.

From the top of the page that opens, click on Enable SSO.

Under Service Provider Configuration,

Name The name will be prefilled
Assertion Consumer URL Assertion Consumer URL will be Prefilled
Certificate File Choose the .pfx file of your SSL certificate
Certificate Password Enter the Password of the .pfx file

Configuring Prolaborate in IBM Security Access Manager

The following sections will elaborate on the steps involved in setting up Prolaborate in IBM Security Access Manager.

Create a new SAML Application

To create a SAML application, follow the below steps:

Sign into the IBM Security Access Manager using your administrator account

Click Application in the landing page.

Click on Add application to create your customised application

It will navigate you to the below page. In there, select Custom Application and Click Add.

Define your Custom Applications name and Company name.

Add application “Owner”.

Users get a Modal window to add Owner. Select the owner and click OK.

SAML Single sign-on Configuration

Follow the below steps to configure SAML Single sign-on and get the required information that is needed to configure from the Prolaborate part:

In the SAML Configuration page enter the details in the respective fields as mentioned in the below table.

Provider ID In this field copy & paste the Name from the Prolaborate Service Provider configuration
Assertion Consumer Service URL(HTTP_POST) In this field copy & paste the Assertion Consumer URL (ACU) from the Prolaborate Service Provider configuration
Single logout URL (HTTP_POST) In this field copy & paste the Sign Out URL from the Prolaborate Service Provider configuration

Configure Attributes Mapping in Prolaborate

To configure the Attribute Mapping in Prolaborate, set up the below given Attributes format on IBM attribute mappings.

To use the SAML User groups in the Prolaborate. kindly choose the User group attribute from the dropdown and paste it in the Prolaborate SAML configuration.

Copy the IBM Attributes Name and paste them into Prolaborate Attributes Mapping.

Download Signed Certificate for upload

Download Certificate file. This certificate will be used in the Identity Provider configuration in Prolaborate.

Download Federation Metadata XML by click link as shown in the below image. You can avail Entity ID URL, Single Sign-On Service and Single Logout Service URL from this file, which will be used as Name and Sign out URL in Identity Provider configuration in Prolaborate

Configure Identity Provider in Prolaborate

Navigate back to Prolaborate and click on Menu → SAML Single Sign On. Follow the steps to fill in the details in Identity Provider (IDP) Configuration.

1) Fill the Name field using the Entity ID URL from the downloaded Federation Metadata XML file.

2) Fill the Sign in URL field using SingleSignOnService URL from the downloaded Federation Metadata XML file.

3) Fill the Sign Out URL field using Single Logout Service URL from the downloaded Federation Metadata XML file.

4) Certificate File: Copy this value and save the file as .cer format.
Choose the .cer file in the SAML Signing Certificate section.

Configure Default Access Control Profile in Prolaborate

Access Control Profiles let you define repository access rules and default user group membership for users added via SSO or Sign up.

To create an Access Control Profile, click on Menu > Access Control Profiles under portal settings. Click here to know more.

Log in with IBM Credentials

Once the configuration is done, users will see a new button on the login page called Login with SSO.

When users click on Login with SSO, it will be redirected to an URL as per configuration.

Now enter the IBM Security Access Manager credentials to login to Prolaborate.

If you’re experiencing challenges signing in using SSO, go at SAML Assertion Validation to debug the SAML configurations.

Logging out from Prolaborate

When a user logs out from Prolaborate, the user will be logged out from all applications signed in using their SSO credentials.


Start Here
Book a Demo