Table of Contents

Support Links

SecureAuth Customer Support and Services

SecureAuth Service Status

Knowledge Base Articles

Breadcrumbs

Page History

Versions Compared

Old Version 10

changes.mady.by.user Daralee Ota

Saved on Jul 21, 2017

compared with

New Version Current

changes.mady.by.user Daralee Ota

Saved on Jul 21, 2017

Key

This line was added.
This line was removed.
Formatting was changed.

...

Panel

borderColor	#444443
bgColor	white
titleColor	white
borderWidth	1
titleBGColor	#444443
borderStyle	solid
title	Prerequisites

Read through and become familiar with the SecureAuth IdP Appliance 9.1 Specifications
Conduct the Pre-deployment Meeting with your Sales Engineer
Complete Getting Started I - Pre-Install
Complete Getting Started II - Install and Setup

...

Panel

borderColor	#135570
titleColor	white
borderWidth	1
titleBGColor	#135570
title	Top Menu

Panel

borderColor	#116490
titleColor	white
borderWidth	1
titleBGColor	#116490
borderStyle	solid
title	Admin Realm

Section

Column

width	50%

Column

Access the Admin Realm (SecureAuth0) from the Home Page in the top menu

This realm is for the SecureAuth IdP Web Admin, and SecureAuth recommends that it is configured first to ensure the safety of the Web Admin

Follow the Web Admin Part II - Admin Realm Configuration Guide to secure the Web Admin, enable external access, and to control access

UI Text Box

type	info

Configure the Admin Realm first to ensure secure remote access

Panel

borderColor	#116490
bgColor	white
titleColor	white
borderWidth	1
titleBGColor	#116490
borderStyle	solid
title	Specialized Realms

Section

Column

width	50%

Column

width	50%

Click Specialized Realms in the top menu, and App Enrollment to view and / or modify the pre-configured realm that enables users to enroll and provision devices / browsers for OATH OTPs and Mobile Login Requests (PUSH Notifications)

Refer to Multi-Factor App Enrollment (URL) Realm Configuration Guide (version 9.1 and 9.2) for more information

Panel

borderColor	#116490
titleColor	white
borderWidth	1
titleBGColor	#116490
title	Tools

Section

Column

width	50%

Column

width	50%

Use the Tools menu to access Web Config settings and update or decrypt the web config files for realms

See SecureAuth IdP Realm Guide - Encrypting and Decrypting Realms for more information

Panel

borderColor	#116490
bgColor	white
titleColor	white
borderWidth	1
titleBGColor	#116490
borderStyle	solid
title	Create Realms

Section

Column

width	50%

Column

Click Create Realms in the top menu, and Create New From Template to create and configure a new realm with the SecureAuth IdP Web Admin Wizard

Expand

title	Create New Realm From Template Configuration Steps

Panel

borderColor	#116490
bgColor	white
titleColor	white
borderWidth	1
titleBGColor	#116490
borderStyle	solid
title	Apps

Section

Column

width	50%

Column

1. Select an application from the provided list to establish the target resource of the new realm

For this example, Google Apps is selected

Panel

borderColor	#116490
bgColor	white
titleColor	white
borderWidth	1
titleBGColor	#116490
borderStyle	solid
title	Step 1. General

Section

Column

width	50%

Column

2. Provide a Page Title/Header, e.g. Google Apps

This will appear in the Web Admin and on the end-user login pages

Panel

borderColor	#116490
bgColor	white
titleColor	white
borderWidth	1
titleBGColor	#116490
borderStyle	solid
title	Step 2. Active Directory

Section

Column

width	50%

Column

width	50%

3. Select Create New from the Data Source dropdown if the Active Directory integration to be used for Google Apps has not been configured in another realm; or select the SecureAuth IdP realm that has the required configurations from the Data source dropdown

If a SecureAuth IdP realm is selected, the other fields will auto-populate with the appropriate values

4. Provide the Active Directory Domain

5. Provide the username of the SecureAuth IdP data store service account in the Service Account Login field

A service account with read access is required to extract information for authentication and assertion, and (optional) write access is required to alter or add information to the data store from SecureAuth IdP (e.g. password update, provisioned devices, knowledge-based questions)

6. Provide the password that is associated to the above username in the Service Account Password field

Panel

borderColor	#116490
bgColor	white
titleColor	white
borderWidth	1
titleBGColor	#116490
borderStyle	solid
title	Step 3. SAML

Section

Column

width	50%

Column

width	50%

7. In the Start Location dropdown, select At Service Provider if the end-user will initiate the login process at Google Apps; or select At SecureAuth if the end-user will initiate the login process at the SecureAuth IdP realm

8. Provide the Service Provider Start URL, which would be a vanity URL, such as https://mail.google.com/a/company.com

9. Provide the RelayState if At SecureAuth was selected in step 7

This is the same as the SAML Target URL in the Web Admin realm configuration

10. Select how SecureAuth IdP will map to the directory user account from the SAML ID (NameID) Mapping dropdown

Panel

borderColor	#116490
bgColor	white
titleColor	white
borderWidth	1
titleBGColor	#116490
borderStyle	solid
title	Step 4. Workflow

Section

Column

width	50%

Column

11. Select Enabled from the Two-factor Authentication dropdown to enable a 2-Factor Authentication workflow for this realm

12. Select the type of persistent token that will be accepted and / or generated in this realm from the Two Factor Persistence dropdown

13. Check the boxes to enable SecureAuth IdP Properties that map to directory Fields (configured in the Data tab) to be used for 2-Factor Authentication

For example, checking Phone 2 enables Voice, SMS / Text, or both OTP delivery to the phone number mapped to Phone 2

14. Select Enabled from the Password Validation dropdown to require a password in addition to the username and second factor

15. Select On Separate/Last Page from the Password Location dropdown to enable a Standard Authentication Mode workflow (username + second factor + password)

Select On first page to have the username and password prompts on the first page, and then the 2-Factor Authentication process will follow

16. Click Next to review the configurations, then click Confirm to create the realm

UI Text Box

type	info

More configurations and settings may be required in addition to these Wizard steps

Section

Anchor

	createnew
	createnew

Column

width	50%

Column

Click Create Realms in the top menu, and Create New From Existing to create a new realm by copying the configurations of another realm

Expand

title	Create New From Existing Configuration Steps

Panel

borderColor	#116490
bgColor	white
titleColor	white
borderWidth	1
titleBGColor	#116490
borderStyle	solid
title	Create New From Existing

Section

Column

width	50%

Column

1. Select the SecureAuth IdP realm that contains the necessary configurations from the Select Realm to Copy dropdown

2. Click Add New Realm

3. A new realm will be created, and by clicking on the new realm on the Home Page, modifications can be made

...

Panel

borderColor	#008388
bgColor	white
titleColor	white
borderWidth	1
titleBGColor	#008388
borderStyle	solid
title	What's Next

Move on to the Web Admin Part II - Admin Realm Configuration Guide to configure the Admin realm

For further information

Learn more about SecureAuth IdP Realms
Refer to the SecureAuth IdP 9.1 Admin Guide for specific configuration and integration guides. Additional methods of support are listed below.

Support options

Web: https://support.secureauth.com
Phone: 949-777-6959 option 2
Support Documentation Searchable Database: https://docs.secureauth.com
SecureAuth Services Status and Notification Service: https://www.secureauth.com/Support/Current-Service-Status-and-Alerts.aspx

Content

Space Tools

Breadcrumbs

Page History

Versions Compared

Old Version 10

New Version Current

Key

For further information

Support options