In order to leverage SSO functionality, it is necessary to federate Imagicle Cloud and the corporate Identity Provider (IdP). To configure the federation between Imagicle Cloud and the corporate IdP, some configurations are required, on both IdP and Imagicle side: the customer has to apply these configurations on their IdP, instead the Imagicle Cloud side is managed by Imagicle team.
NOTE: Before to proceed, be sure all the requirements available here are satisfied.
First of all send to Imagicle team these information:
- contact person's email belonging to the customer's corporate domain
- If multiple domains are in use, please provide the full list of them
- IdP federation protocol to be used. Currently, SAML and OpenID Connect standards are supported
in case the customer's domain has not yet configured on Imagicle Cloud, Imagicle team will ask also for an additional information:
- preferred AWS region (North America, Europe or Middle East)
all above information are required by the Imagicle team to begin the federation configuration on Imagicle Cloud with the customer's IdP.
Once Imagicle Cloud configuration is completed, Imagicle team will provide to you the information needed to configure the corporate IdP for the federation:
- User Pool ID (only if SAML is used)
- Redirect URI to which the federated IdP has to respond
At this point, you have to proceed with the corporate's IdP. For this part, you have to refer to the specific KB article for your IdP (*):
- Active Directory Federation Services (ADFS)
- Cisco DUO
- Cisco Webex
- MS Azure Active Directory
- Google Workspace
*NOTE: if your IdP is not listed here or if you are leveraging multiple IdP's, please contact the Imagicle Support team.
Once this part is completed, you have to provide these information to Imagicle team:
- hostname(s) and port(s) used to reach the Imagicle UC Suite(s) from the browser (this is needed to define the SSO Redirect URI)
- Number of Imagicle UC Suite nodes, if HA is in place.
- if your IdP uses OpenID Connect: the Client ID, Client Secret and Issuer URL (this is needed to complete the federation between Imagicle Cloud and your IdP)
- if your IdP uses SAML: the XML configuration file generated by the IdP, which must include the email address of the user claiming the SSO service (this is required to complete the federation between Imagicle Cloud and your IdP)
After the Imagicle team applied the last part of configurations on Imagicle Cloud, the federation is completed and you should be able to use SSO with the Imagicle applications.
This article was:
Thank you for your feedback!
|Single Sign On for Imagicle UC Suite||SSO against Cisco Duo Identity Provider|