Centrify Integration
- Caleb Miller
- Matt Wilkinson
Caveat: the following directions were based on a Centrify UI when it was written. The UI may change by the time you read this and so Centrify UI updates are beyond the scope of this article. Please go to Centrify for their latest information on web applications and other integrations.
The Centrify Application
Centrify provides an identity provider service that has its users and roles management.
These external users can be integrated with Synthetic Monitoring, allowing Log in Single Sign-On as a login method.
Integration Requirements
Centrify Management Access
To complete the integration, you need access to the Centrify Management Console, set up Synthetic Monitoring as a service provider, and add roles and users.
You must log in with a Centrify user with a System Administrator role.
Synthetic Monitoring as Centrify Application
The integration requires you to set up Synthetic Monitoring as a Centrify custom application.
Centrify SSO Overview & Setup
Preparation
The integration setup consists of multiple steps. Configuration consists of two major parts:
A. Configuring the Centrify Application.
B. Configuring Apica Synthetic Monitoring for Single Sign on.
To perform the integration, you must copy information to and from Synthetic Monitoring.
Since you will be going back and forth, opening both applications before starting is a good idea.
→ Centrify ←
Go to Centrify management (for example, https://xyz0999.my.centrify.com/manage\)
Log in with a Centrify System Administrator role user
Leave the window open
→ Synthetic Monitoring ←
Open Synthetic Monitoring
Open Centrify SSO Centrify
Turn on the Centrify SSO Enable setting
Leave the window open
A. Configure the Centrify Application for SAML
Configuring ASM for SAML and Centrify
The configuration of Synthetic Monitoring for https://www.centrify.com/ follows the general process.
To access the SSO settings in ASM, click the button in the top right corner of the User view.
The SSO view contains all settings needed to connect a user account with a SAML provider account.
Configuration
1. Enable
The Enabled section contains a setting for enabling or disabling Single Sign-On for the account and applies to the current account only.
2. Identity Provider
The Identity Provider section contains settings for connection to the SAML provider.
2.a. Use SAML Metadata URL
If the SAML provider has a SAML metadata URL, you can use that. The needed login URL and certificate will be extracted automatically.
Item | Description |
|---|---|
Defaul Regional Setting | Standard timezone to use for accounts in the customer. |
Default Time Zone | Standard timezone to use for accounts in the customer. |
2.b. Specify Settings
For other SAML providers, you may need to specify settings manually.
Item | Description | Comment |
|---|---|---|
Sign-Up URL | Provider Login URL. | Can be found in the provider's settings. |
Signing Certificate | Certificate for sign-in. | Can be downloaded from the provider app settings. |
Can't find what you're looking for? Send an E-mail to support@apica.io