
SAML Configuration for Sumologic

Overview

AuthX integrates with Security Assertion Markup Language (SAML) to add two-factor authentication to Sumologic login. This SAML integration works for different web services.

System Requirements

AuthX Authentication for server operating systems.

Server

  • Windows Server 2012

  • Windows Server 2012 R2

  • Windows Server 2016

  • Windows Server 2019

AuthX Factor Support

AuthX for SAML supports these factor types for 2FA:

  • Push

  • TOTP

  • Face

  • Pin

  • Phone SMS

  • Phone Call

  • Email

  • Fingerprint

  • RFID

  • Hardware Token

Configuration Steps on AuthX & Sumologic

Pre-Requisite

  1. Make sure you have an AuthX account; you can sign up at https://admin.authx.com/signup

  2. Make sure you have a Sumologic account; you can sign up at Sumologic

    1. The email ID used during account creation should belong to an active user (same email ID) in the AuthX portal, Sumologic login and OKTA portal

AuthX Admin portal – Sumologic application creation steps

  1. Login to AuthX Admin portal.

  2. Navigate to the Applications tab

  3. Click Protect Application and select Protect for Sumologic

  4. Provide your inputs on the Application Name, Access Management Options, Domain Name, Cookies Expiry

    1. Application name – Random characters allowed

    2. Access Management Options

      1. SSO with AuthX Identity

        1. Login using AuthX Registered Email address and password followed by the authentication factor enrolled for the user

      2. SSO with 3rd party Identity Provider

        1. Login using configured 3rd party SAML identity provider

      3. SSO with MFA for 3rd Party Identity Provider

        1. Login using configured 3rd party SAML identity provider followed by authentication factor enrolled for the user in AuthX

      4. Passwordless SSO with AuthX Identity

        1. Use any of the enrolled authentication factor in AuthX to access the application

    3. Domain Name

      1. Input your domain details here

    4. Cookies Expiry

      1. Select any options listed here

        1. One time

          1. The user provides the username and password on every login

        2. 8 hours

          1. The user provides the username and password every 8 hours

        3. One day

          1. The user provides the username and password every 24 hours

        4. Max (7 days)

          1. The user provides the username and password once every 7 days

    5. Save the application

Sumologic Configuration

  1. Log in to the Sumologic Admin account (Sumologic Admin) using admin credentials

  2. Select Organization from the menu, choose the SAML authentication tab and edit the SAML authentication

  3. Clicking Edit on SAML authentication opens the following window.

  4. For the Signin page URL and Signout page URL details, do the following

    1. Copy and paste the Signin URL and Signout URL from the AuthX Admin portal mentioned in AuthX Admin portal – Sumologic application creation steps → Step 4 (Note: the Signin URL itself is used for the Change password URL)

    2. Select Sumologic Service as Sumologic us2, tick Do you need a sign out response and later click on Configure

  5. Logout from Sumologic Admin account

SAML as IDP – Sumologic (SSO with AuthX Identity)

  1. Pre-requisite – Make sure you are logged out from the AuthX Admin and Sumologic Admin accounts

  2. Login to AuthX User portal mentioned in Configuration Steps on AuthX & Sumologic → Pre-Requisite → Step 2 a

  3. Navigate to Applications → Auth Applications tab

  4. Launch the Sumologic application from here

  5. A new tab opens with the SAML login

  6. Login with the user portal credentials here (Mentioned in Launch the Sumologic Application-> Step 2 a)

  7. Use any of the Auth factors to successfully login

  8. User redirected to Sumologic dashboard

SAML as SP – Sumologic (SSO with AuthX Identity)

  1. Go to Sumologic Account

  2. Login with the Sumologic user (Mentioned in Configuration Steps on AuthX & Sumologic→ Pre-Requisite) and select Sign In another way

  3. Later choose Sign In with SAML

  4. Redirects to SAML Login

  5. Use the AuthX User portal credentials mentioned in Configuration Steps on AuthX & Sumologic->Pre-Requisite → Step 2 a

  6. Use any of the Auth factors to successfully login

  7. User redirected to Sumologic dashboard

SAML as IDP – Zoho (SSO with 3rd party Identity Provider OKTA)

Application & Okta setup updates

Identity Provider creation

  1. Login to AuthX admin portal

  2. Navigate to Identity Provider

  3. Select Add Identity provider

  4. Fill in the mandatory details (Mentioned below in OKTA Identity Provider Setup Step 6)

  5. Set the application status to Active

  6. Save the application

OKTA Identity Provider setup

  1. Go to https://dev-74176585.okta.com/login/login.htm

  2. Login as an Okta Admin account

  3. Navigate to Applications and select Applications

  4. Select AuthX SAML

  5. Choose Sign On Tab and select View Setup Instructions

  6. Copy paste the following details in above mentioned Identity provider creation-> Step 4

    1. Identity Provider Single Signon URL

    2. Logout URL

    3. Identity provider Issuer

    4. Download Certificate

OKTA – AuthX Identity Provider Configuration

  1. After the Identity provider application is saved, go to Okta login and navigate to Applications

  2. Select Applications and select AuthX SAML

  3. Choose General Tab and edit the SAML Settings

  4. On the General Settings, click Next

  5. On the Configure SAML page, fill in these details from the AuthX Admin portal: “Single sign on URL, Single Logout URL, Audience URI (SP Entity ID), SP Issuer & Signature Certificate”. Follow the steps below:

    1. Login to AuthX Admin Portal → Identity Provider → Edit the OKTA application (which was created in Identity Provider creation → Step 4)

    2. Click on Download Metadata

    3. Open the downloaded metadata file in Notepad and copy and paste the Signin & Signout URL in the above-mentioned Configure SAML → Step 5

  6. Now go back to the Configure SAML step and paste the following details:

    1. Single Sign in URL

    2. Single Logout URL (Click Show Advanced Settings)

    3. Audience URI (SP Entity ID) and SP Issuer field – Update the respective AuthX company hostname

    4. Signature Certificate

      1. Go to AuthX Admin portal

      2. Navigate to Settings-> Certificate Management

      3. Download the certificate & upload it here and click on Next

    5. Click Finish on the Feedback

    6. Logout from OKTA admin account
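Step 5 above reads the Signin and Signout URLs out of the downloaded metadata by hand in Notepad. The following is an added example, not part of the AuthX documentation, that pulls the same fields from a standard SAML 2.0 metadata file and flags non-HTTPS endpoints or a missing signing certificate before the values are pasted into Okta. It assumes the download follows the standard `urn:oasis:names:tc:SAML:2.0:metadata` schema; the host name, certificate body and function name are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample metadata: hypothetical host, dummy certificate body.
SAMPLE_METADATA = """<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://company.example/saml/metadata">
 <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
   <ds:X509Certificate>Y29uc3RydWN0ZWQtc2FtcGxlLWNlcnQ=</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Location="https://company.example/saml/slo"/>
  <md:AssertionConsumerService index="0"
    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Location="https://company.example/saml/acs"/>
 </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def read_saml_metadata(xml_text):
    """Return (fields to copy into the IdP, list of problems found)."""
    # Metadata never needs a DTD; refuse it rather than let the parser expand entities.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("metadata must not contain a DTD or entity declarations")
    root = ET.fromstring(xml_text)

    def locations(tag):
        return [e.get("Location", "") for e in root.iterfind(f".//md:{tag}", NS)]

    certs = []
    for node in root.iterfind(".//ds:X509Certificate", NS):
        der = base64.b64decode("".join((node.text or "").split()))
        certs.append(hashlib.sha256(der).hexdigest())  # fingerprint of the DER bytes
    info = {
        "entity_id": root.get("entityID"),
        # SP metadata lists AssertionConsumerService; IdP metadata lists SingleSignOnService.
        "signin_urls": locations("AssertionConsumerService") + locations("SingleSignOnService"),
        "signout_urls": locations("SingleLogoutService"),
        "cert_sha256": certs,
    }
    problems = [f"not https: {u}" for u in info["signin_urls"] + info["signout_urls"]
                if not u.startswith("https://")]
    if not info["signin_urls"]:
        problems.append("no sign-in endpoint in metadata")
    if not certs:
        problems.append("no signing certificate in metadata")
    return info, problems
```

If the metadata carries a signing certificate, its SHA-256 fingerprint can be compared with that of the certificate downloaded from Settings → Certificate Management before it is uploaded to Okta.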

Certify me application updates in AuthX admin portal

  1. Login to AuthX Admin portal and navigate to Applications

  2. Edit Sumologic application

  3. In the Access Management options, choose “SSO with 3rd party identity provider”

  4. Select the Gateway

  5. Save the application

  6. Logout from AuthX Admin portal

Launch Sumologic application as IDP

  1. Pre-requisite – Make sure you are logged out from the AuthX Admin, Certify Me portal & Okta Admin account portal

  2. Now login to AuthX User portal with user credentials mentioned in Configuration Steps on AuthX & Sumologic → Pre-Requisite → Step 2 a

  3. After successful login, it redirects to the Okta login

  4. Now input the OKTA user credentials and sign in

  5. Redirects to AuthX user Confirm Identity page

  6. Use any of the Auth factors to successfully login

  7. User redirected to AuthX user portal-> Applications page

  8. Now go to Auth Applications tab and launch Sumologic application

  9. A new tab opens with the SAML login

  10. Login with the user portal credentials here (Mentioned in Launch the Sumologic Application-> Step 2 a)

  11. Use any of the Auth factors to successfully login

  12. User redirected to Sumologic dashboard

SAML as SP – Sumologic (SSO with 3rd party Identity Provider OKTA)

  1. Go to Sumologic Account

  2. Login with the Sumologic user (Mentioned in Configuration Steps on AuthX & Sumologic→ Pre-Requisite) and select Sign In another way

  3. Later choose Sign In with SAML

  4. Login with the Sumologic user (Mentioned in Configuration Steps on AuthX & Sumologic → Pre-Requisite)

  5. Redirects to Okta login

  6. Now input the OKTA user credentials and sign in

  7. Use the AuthX User portal credentials mentioned in Configuration Steps on AuthX & Sumologic->Pre-Requisite → Step 2 a

  8. User redirected to Sumologic dashboard

SAML as IDP & SP – Sumologic (SSO with MFA for 3rd party Identity Provider OKTA)

  1. Follow the steps mentioned in https://certifyglobal.atlassian.net/wiki/spaces/AUTHX/pages/2846753311/SAML+Configuration+for+Zoho#SAML-as-IDP—Zoho-(SSO-with-3rd-party-Identity-Provider-OKTA) and https://certifyglobal.atlassian.net/wiki/spaces/AUTHX/pages/2846753311/SAML+Configuration+for+Zoho#SAML-as-SP—Zoho-(SSO-with-3rd-party-Identity-Provider-OKTA)

  2. On Sumologic login, after the user credentials are entered, it additionally asks for AuthX Confirm Identity

SAML as IDP & SP – Passwordless SSO with AuthX Identity

  1. Follow the steps mentioned in https://certifyglobal.atlassian.net/wiki/spaces/AUTHX/pages/2846753311/SAML+Configuration+for+Zoho#SAML-as-IDP—Zoho-(SSO-with-AuthX-Identity) and https://certifyglobal.atlassian.net/wiki/spaces/AUTHX/pages/2846753311/SAML+Configuration+for+Zoho#SAML-as-SP—Zoho-(SSO-with-AuthX-Identity)

  2. On Sumologic login, after the email address is entered, it skips the Password option and redirects to the Sumologic accounts dashboard
