Configure Single Sign-On Settings

Ensure that Juniper Security Director Cloud is added as an application in your identity provider (IdP), such as Okta, Microsoft Azure, or VMware Workspace ONE.

The Single Sign-On Configuration page enables you to configure SSO settings that allow users to sign in to the Juniper Security Director Cloud portal using their network credentials. If a user is not added as a local user, they are redirected to the Identity Provider (IdP) portal to authenticate their credentials.

Note:

You can configure SSO settings for a specific domain for an organization. You cannot configure SSO settings for multiple domains.

If a user is added as a local user and is also part of the domain configured in the Single Sign-On Configuration page, they can sign in using their account password and network credentials. For information about adding users and assigning roles, see Users Overview and Roles Overview.

  1. Click Administration > SSO Configuration.
    The Single Sign-On Configuration page is displayed.
  2. Use the SAML Profile toggle button to enable SAML profile configuration.
  3. In the Identity Provider (IdP) section, select one of the following methods to configure IdP settings:
    • Enter metadata URL: Select this option and enter the IdP metadata URL that must be used by the service provider to validate the SAML assertions.

    • Import settings: Select this option and upload the XML file that contains the IdP metadata.

    • Enter settings manually: Select this option and enter the IdP issuer URL, IdP portal URL, and then upload the IdP certificate to decrypt the SAML response.

  4. In the Service Provider (SP) section, perform the following steps:
    1. Enter the user domain name.
    2. Use the Sign authentication requests toggle button to enable signing authentication requests from Juniper Security Director Cloud to your IdP. To sign and to validate the requests, provide the private key and public key certificates.
    3. Select the default role that must be assigned to the user. You can also create a new user role, if necessary. For information about users and roles, see Users Overview and Roles Overview.
  5. Click Test Connection to verify the configuration in the IdP and Juniper Security Director Cloud.
    The IdP sign-in page is displayed. Enter your credentials and check whether you are redirected to the Single Sign-On Configuration page in the Juniper Security Director Cloud GUI. If you are redirected, the configured settings are valid. If the settings are incorrect, an error message is displayed.
  6. Click Save.
    A success message stating that the SAML configuration is updated successfully is displayed.