These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and Egnyte.
Login to ADSelfService Plus as an administrator.
Navigate to Configuration → Self-service → Password Sync/Single Sign-on.
Locate and click on Egnyte in the list of applications provided.
Click on the Download SSO Certificate link in the top-right corner of the screen.
Egnyte (Service Provider) configuration steps
Login to Egnyte with an administrator’s credentials.
From the menu on the top-right, choose Settings.
Navigate to Security and authentication → Single sign-on authentication.
Choose SAML 2.0 in the drop down.
Under Identity provider drop-down, select CustomRedirect.
In the Identity Provider Login URL and Identity Provider entity ID, enter the Login URL copied in Step 5 of Prerequisite.
Open the downloaded certificate as a text file. Copy and paste the content (without comments) in the Identity Provider Certificate text field. (Refer Step 5 of Prerequisite).
Under default user mapping, choose Email address.
You can enable domain specific issuer value.
To enable SSO for users:
Under settings, navigate to Users & Groups.
Select users and click details.
On the left pane, choose profile.
Under authentication drop-down, select SSO.
Enter the IDP user name. The IDP username is the profile name present in ADSelfService Plus.
ADSelfService Plus (Identity Provider) configuration steps
Now, switch to ADSelfService Plus’ Egnyte configuration page
In the Domain Name field, enter the domain name of your email address. For example, if you use email@example.com to log in to Egnyte, then egnyte.com is the domain name.
Enter the SP Identifier of your Egnyte account, in the SP Identifier field.
Provide a Description in the respective field.
In the Available Policies field, click on the drop-down box and select the policies for which you wish to enable single sign-on.
For Egnyte, single sign-on is supported for SP and IDP initiated flow.