Setting up SSO with file sharing
We understand the importance of simplifying your authentication process and offer you the convenience of using SSO.
Get started on your SSO adventure by contacting us and we will guide you through the process.
SSO integration with File Sharing is a three-part process:
- Customers are provided the information to set up the application in their identity provider (IdP).
- Once the customer has registered the application(s) in the IdP, specific parameters are provided to MFT to configure our side of the integration.
- We will schedule a meeting to test your SSO application(s).
Setting up your SSO process
Use the following values to create a SAML 2.0 SSO application in your identity provider’s portal:
- MFT Single sign-on URL = https://filesharingsiteurl/saml/AssertionConsumerService.aspx
- MFT Entity ID (called Audience URI in Okta) = "urn:componentspace:MFTSite"
During the application process, make sure these claims are mapped to your Active Directory:
- emailaddress (mandatory)
- givenname (mandatory); if it does not exist in the IdP, create a custom claim
- surname (mandatory); if it does not exist in the IdP, create a custom claim
- phone (optional); if it does not exist in the IdP, create a custom claim
- company (optional); if it does not exist in the IdP, create a custom claim
In the 2nd step, we need the following information from your identity provider:
- Customer unique IdP URI. In SAML XML, it can be called entityID or Issuer. Examples:
  - "http://ThruADFS.Thru.PVT/adfs/services/trust"
  - "http://www.okta.com/exk19z4gbah5AATrh0h8"
- Customer IdP single sign-on service URL. Examples:
  - "https://ThruADFS.Thru.PVT/adfs/ls/"
  - "https://climate.okta.com/app/companynameThruSite/exk19z4gbah5AATrh0h8/sso/saml"
- Customer IdP certificate in CER or CRT format.
In the 3rd step, the MFT Customer Success team follows up with you to schedule a meeting. In this meeting, we will test the SSO application links and verify that users can authenticate and that new users are created successfully.