Guard Privileged Access and Enhance Security with miniOrange PAM Solution Learn More >
 +1 978 658 9387    Login  
Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

Contents

How to add a WS–FED App

miniOrange supports Single Sign-on into your apps to securely login for admins and users. miniOrange supports several different protocols for your applications such as SAML, WS-FED, OAuth, OIDC, JWT, RADIUS, etc. Using Single Sign-on, users can use one set of credentials to log in to multiple applications. This improves security as it reduces avenues for phishing attacks, and also improves access to your application.

WS-Fed( Web Services Federation) is a protocol that can be used to negotiate the issuance of a token. You can use this protocol for your applications (SP) and for identity providers (IDP). miniOrange provides SSO for WS-Fed apps, where you can add any app which supports WS-FED standard protocol for single sign-on. Few popular apps with out of the box integration are Microsoft Exchange Server, Dynamic CRM, etc.


Configure Single Sign-On (SSO) Settings for WS-FED Apps:

  • Login as a customer from the Admin Console.
  • Go to Apps >> Add Application.
    • SAML Configure Apps Single Sign On for WS–FED Apps

  • Click on the Create App button under SAML/WS-FED tab.
    • SAML tab Single Sign On for WS–FED Apps

  • Select the Custom WS-FED App.
  • You can add any app which supports WS-FED standard protocol for single sign-on. Few popular apps with out of the box integration are Microsoft Exchange Server, Dynamic CRM, etc.
    • Custom WS–FED App

  • Under Basic Settings, enter the Custom Application Name.
  • Enter the WT-Realm i.e. Callback URL, and the Reply URL. Make sure Reply URL is in this format https://<mycompany.domainname.com>
  • Enter the Audience URL, which is most often the SP entity ID of your Application. (Optional)
    • WS–FED basic settings

  • The Attribute Mapping section allows you to select a Name ID (Username, Phone number, E-mail address etc.).
    • WS–FED Attribute Mapping

  • The Login Policy section allows you to add a new policy for Custom WS-FED.
  • Select a Group Name from the dropdown - the group for which you want to add Custom Apps policy.
  • Give a policy name for Custom App in Policy Name.
  • Select the login method type (Password or Password-less).
  • Enable 2-Factor/Adaptive authentication if required
  • Click on Save button to add policy for App.
    • WS–FED login policy

Edit your Application by following the steps below:

  • Login as a customer from the Admin Console.
  • Go to Apps. From the list of apps configured, locate the app you created. Click on the Select >> Edit option present in front of that specific app to edit your application.
    • WS–FED edit app

  • To check metadata, click on the Select >> Metadata option.
    • WS–FED metadata

  • Download the certificate and check metadata from the Show Metadata Details field.
    • WS–FED metadata2

  • Download Metadata which you will require further for configuration.
  • Use the Certificate, WS–FED Reply URL and Issuer provided by miniOrange in you WS–FED application.