Overview
AuthX integrates with Security Assertion Markup Language (SAML) to add two-factor authentication to Sumologic login. This SAML integration works for different web services.
System Requirements
AuthX Authentication for server operating systems.
Server
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
AuthX Factor Support
AuthX for SAML supports these factor types for 2FA:
- Push
- TOTP
- Face
- Pin
- Phone SMS
- Phone Call
- Email
- Fingerprint
- RFID
- Hardware Token
Configuration Steps on AuthX & Sumologic
Pre-Requisite
- Make sure you have an AuthX account; you can sign up here: https://admin.authx.com/signup
- Make sure you have a Sumologic account; you can sign up here: Sumologic
- The email ID used when creating the accounts must belong to an active user (same email ID) in the AuthX portal, Sumologic Login & OKTA portal
AuthX Admin portal – Sumologic application creation steps
- Log in to the AuthX Admin portal.
- Navigate to the Applications tab
- Click Protect Application and select Protect for Sumologic
- Provide your inputs for Application Name, Access Management Options, Domain Name and Cookies Expiry
  - Application name – Random characters allowed
  - Access Management Options
    - SSO with AuthX Identity: log in using the AuthX registered email address and password, followed by the authentication factor enrolled for the user
    - SSO with 3rd party Identity Provider: log in using the configured 3rd party SAML identity provider
    - SSO with MFA for 3rd Party Identity Provider: log in using the configured 3rd party SAML identity provider, followed by the authentication factor enrolled for the user in AuthX
    - Passwordless SSO with AuthX Identity: use any of the enrolled authentication factors in AuthX to access the application
  - Domain Name: input your domain details here
  - Cookies Expiry: select one of the options listed here
    - One time: the user provides the username and password on every login
    - 8 hours: the user provides the username and password every 8 hours
    - One day: the user provides the username and password every 24 hours
    - Max (7 days): the user provides the username and password once every 7 days
- Save the application
Sumologic Configuration
- Log in to the Sumologic Admin account, Sumologic Admin, using admin credentials
- Select Organization from the menu, choose the SAML authentication tab and edit the SAML authentication
  On SAML authentication Edit, the following window opens.
  For the Signin page URL, Signout page URL and details, do the following:
  - Copy and paste the Signin URL and Signout URL from the AuthX Admin portal, as mentioned in AuthX Admin portal – Sumologic application creation steps → Step 4 (Note: the Signin URL itself is used as the Change password URL)
  - Select Sumologic Service as Sumologic us2, tick Do you need a sign out response, and then click Configure
- Log out from the Sumologic Admin account
SAML as IDP – Sumologic (SSO with AuthX Identity)
- Pre-requisite – Make sure you are logged out from the AuthX Admin and Sumologic Admin accounts
- Log in to the AuthX User portal mentioned in Configuration Steps on AuthX & Sumologic → Pre-Requisite → Step 2 a
- Navigate to Applications → Auth Applications tab
  Launch the Sumologic application from here
- A new tab opens with the SAML login
- Log in with the user portal credentials here (mentioned in Launch the Sumologic Application → Step 2 a)
- Use any of the Auth factors to log in successfully
- The user is redirected to the Sumologic dashboard
SAML as SP – Sumologic (SSO with AuthX Identity)
- Go to Sumologic Account
- Log in with the Sumologic user (mentioned in Configuration Steps on AuthX & Sumologic → Pre-Requisite) and select Sign In another way
  Then choose Sign In with SAML
  This redirects to the SAML login
- Use the AuthX User portal credentials mentioned in Configuration Steps on AuthX & Sumologic → Pre-Requisite → Step 2 a
- Use any of the Auth factors to log in successfully
- The user is redirected to the Sumologic dashboard
SAML as IDP – Zoho (SSO with 3rd party Identity Provider OKTA)
Application & Okta setup updates
Identity Provider creation
- Log in to the AuthX Admin portal
- Navigate to Identity Provider
- Select Add Identity provider
- Fill in the mandatory details (mentioned below in OKTA Identity Provider Setup Step 6)
- Set the application status to Active
- Save the application
OKTA Identity Provider setup
- Log in with an Okta Admin account
- Navigate to Applications and select Applications
- Select AuthX SAML
- Choose the Sign On tab and select View Setup Instructions
- Copy and paste the following details into Identity provider creation → Step 4, mentioned above
  - Identity Provider Single Signon URL
  - Logout URL
  - Identity provider Issuer
  - Download Certificate
OKTA – AuthX Identity Provider Configuration
- After the Identity provider application is saved, go to Okta login and navigate to Applications
- Select Applications and select AuthX SAML
- Choose the General tab and edit the SAML Settings
- On the General Settings, click Next
- On the Configure SAML page, fill in these details from the AuthX Admin portal: "Single sign on URL, Single Logout URL, Audience URI (SP Entity ID), SP Issuer & Signature Certificate". Follow the steps below:
  - Log in to AuthX Admin Portal → Identity Provider → Edit the OKTA application (which was created in Identity Provider creation → Step 4)
  - Click Download Metadata
  - Open the downloaded metadata file in Notepad and copy and paste the Signin & Signout URL into Configure SAML → Step 5, mentioned above
- Now go back to the Configure SAML step and paste the following details:
  - Single Sign in URL
  - Single Logout URL (click Show Advanced Settings)
  - Audience URI (SP Entity ID) and SP Issuer field – Update the respective AuthX company hostname
  - Signature Certificate
    - Go to the AuthX Admin portal
    - Navigate to Settings → Certificate Management
    - Download the certificate, upload it here and click Next
- Click Finish on the Feedback
- Log out from the OKTA admin account
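Copying values out of the downloaded metadata file by hand is easy to get wrong, so the step can be checked with a short script. This is an added example, not AuthX or Okta code: it parses a SAML 2.0 metadata document with the Python standard library and returns the entity ID, sign-in URL, sign-out URL and certificate fingerprint, rejecting non-HTTPS endpoints. The sample metadata, the `company.example` hostname and the function name `okta_fields_from_metadata` are constructed for illustration, and the real AuthX file is assumed to follow the standard SAML 2.0 metadata layout and to embed a certificate.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: hostname, paths and certificate bytes are placeholders.
SAMPLE_METADATA = """\
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://company.example/saml">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>Y29uc3RydWN0ZWQtcGxhY2Vob2xkZXI=</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleLogoutService Location="https://company.example/saml/slo"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
    <md:AssertionConsumerService Location="https://company.example/saml/acs"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="0"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def okta_fields_from_metadata(xml_text):
    """Return the Configure SAML values found in a SAML 2.0 metadata document."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        raise ValueError("not a SAML 2.0 EntityDescriptor")
    # SP metadata carries AssertionConsumerService, IdP metadata carries
    # SingleSignOnService; accept either as the sign-in URL.
    signin = root.find(".//md:AssertionConsumerService", NS)
    if signin is None:
        signin = root.find(".//md:SingleSignOnService", NS)
    signout = root.find(".//md:SingleLogoutService", NS)
    cert = root.find(".//ds:X509Certificate", NS)
    if signin is None or signout is None or cert is None:
        raise ValueError("missing sign-in URL, sign-out URL or certificate")
    der = base64.b64decode("".join((cert.text or "").split()))
    fields = {"entity_id": root.get("entityID"),
              "signin_url": signin.get("Location"),
              "signout_url": signout.get("Location"),
              # Compare with the fingerprint of the certificate uploaded by hand.
              "cert_sha256": hashlib.sha256(der).hexdigest()}
    for key in ("signin_url", "signout_url"):
        if urlsplit(fields[key] or "").scheme != "https":
            raise ValueError(f"{key} is not an https URL: {fields[key]!r}")
    return fields
```

Run it against the file saved from Download Metadata and compare each returned value with what was pasted into the Configure SAML page.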
Certify me application updates in AuthX admin portal
- Log in to the AuthX Admin portal and navigate to Applications
- Edit the Sumologic application
- In the Access Management options, choose "SSO with 3rd party identity provider"
- Select the Gateway
- Save the application
- Log out from the AuthX Admin portal
Launch Sumologic application as IDP
- Pre-requisite – Make sure you are logged out from the AuthX Admin, Certify Me portal & Okta Admin account portal
- Now log in to the AuthX User portal with the user credentials mentioned in Configuration Steps on AuthX & Sumologic → Pre-Requisite → Step 2 a
- After successful login, it redirects to the Okta login
- Now input the OKTA user credentials and sign in
- This redirects to the AuthX user Confirm Identity page
- Use any of the Auth factors to log in successfully
- The user is redirected to the AuthX user portal → Applications page
- Now go to the Auth Applications tab and launch the Sumologic application
  A new tab opens with the SAML login
- Log in with the user portal credentials here (mentioned in Launch the Sumologic Application → Step 2 a)
- Use any of the Auth factors to log in successfully
- The user is redirected to the Sumologic dashboard
SAML as SP – Sumologic (SSO with 3rd party Identity Provider OKTA)
- Go to Sumologic Account
  Log in with the Sumologic user (mentioned in Configuration Steps on AuthX & Sumologic → Pre-Requisite) and select Sign In another way
  Then choose Sign In with SAML
  Log in with the Sumologic user (mentioned in Configuration Steps on AuthX & Sumologic → Pre-Requisite)
- This redirects to the Okta login
- Now input the OKTA user credentials and sign in
- Use the AuthX User portal credentials mentioned in Configuration Steps on AuthX & Sumologic → Pre-Requisite → Step 2 a
- The user is redirected to the Sumologic dashboard
SAML as IDP & SP – Sumologic (SSO with MFA for 3rd party Identity Provider OKTA)
- Follow the steps mentioned in https://certifyglobal.atlassian.net/wiki/spaces/AUTHX/pages/2846753311/SAML+Configuration+for+Zoho#SAML-as-IDP—Zoho-(SSO-with-3rd-party-Identity-Provider-OKTA) and https://certifyglobal.atlassian.net/wiki/spaces/AUTHX/pages/2846753311/SAML+Configuration+for+Zoho#SAML-as-SP—Zoho-(SSO-with-3rd-party-Identity-Provider-OKTA)
- On Sumologic login, after the user credentials are entered, it will additionally ask for AuthX Confirm Identity
SAML as IDP & SP – Passwordless SSO with AuthX Identity
- Follow the steps mentioned in https://certifyglobal.atlassian.net/wiki/spaces/AUTHX/pages/2846753311/SAML+Configuration+for+Zoho#SAML-as-IDP—Zoho-(SSO-with-AuthX-Identity) and https://certifyglobal.atlassian.net/wiki/spaces/AUTHX/pages/2846753311/SAML+Configuration+for+Zoho#SAML-as-SP—Zoho-(SSO-with-AuthX-Identity)
- On Sumologic login, after the email address is entered, it will skip the Password option and redirect to the Sumologic accounts dashboard