Configuring SAML SSO for Egnyte

These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and Egnyte.

Prerequisite

Login to ADSelfService Plus as an administrator.
Navigate to Configuration → Self-service → Password Sync/Single Sign-on.
Locate and click on Egnyte in the list of applications provided.
Click on the Download SSO Certificate link in the top-right corner of the screen.
In the pop-up that appears, copy the Login URL and Download SSO Certificate.

Egnyte (Service Provider) configuration steps

Login to Egnyte with an administrator’s credentials.
From the menu on the top-right, choose Settings.
Navigate to Security and authentication → Single sign-on authentication.
Choose SAML 2.0 in the drop down.
Under Identity provider drop-down, select CustomRedirect.
In the Identity Provider Login URL and Identity Provider entity ID, enter the Login URL copied in Step 5 of Prerequisite.
Open the downloaded certificate as a text file. Copy and paste the content (without comments) in the Identity Provider Certificate text field. (Refer Step 5 of Prerequisite).
Under default user mapping, choose Email address.
You can enable domain specific issuer value.
Click Save.
- Under settings, navigate to Users & Groups.
- Select users and click details.
- On the left pane, choose profile.
- Under authentication drop-down, select SSO.
- Enter the IDP user name. The IDP username is the profile name present in ADSelfService Plus.

ADSelfService Plus (Identity Provider) configuration steps

Provide a Description in the respective field.

In the Available Policies field, click on the drop-down box and select the policies for which you wish to enable single sign-on.

Click Save.

For Egnyte, single sign-on is supported for SP and IDP initiated flow.