Configuring Single Sign-On (SAML)

Created by Jason Carreiro, Modified on Tue, 3 Feb at 10:47 AM by Jason Carreiro

Scenario:


Proofpoint Essentials supports integration with Identity Providers for authentication adhering to Security Assertion Markup Language (SAML) standards. Multiple identity providers for an organization are fully supported.

Proofpoint Essentials supports single sign-on (SSO) via SAML. An external identity provider (IdP) can be set up as the IdP for SSO to the Proofpoint Admin Console.

 

  1. Under Account Management, click Identity Providers.
  2. At the top right-hand corner, click ADD IDENTITY PROVIDER.
  3. In the New Identity Provider panel that opens, enter a meaningful Identity Provider name and description. Note that this name will be shown on the Identity Provider button on the main login screen. 

  4. Select the appropriate icon for the Identity Provider button, then click Next.
  5. A set of fields is shown, one for each of the elements needed to configure the SAML assertions necessary for Single Sign-On in your Identity Provider portal.

The following fields are available:

| Field | Description |
|---|---|
| Entity ID | Also known as "Assertion Consumer Service" (ACS), "Identifier" or "Entity ID". Specifies the entity or audience for which the SAML Assertion is intended. Vendors may refer to this as the "Audience URI". Although typically entered in the form of a URL that contains the Service Provider's name or is simply the same URL as the ACS, this field can technically contain any string of data, up to 1024 characters. |
| Login URL | URL used to provide service provider-initiated single sign-on. |
| Logout URL | URL used to send the SAML logout response to the application. |
| X.509 Certificate | Certificate used to sign SAML tokens issued to your Proofpoint Essentials implementation. |

  6. Click the copy icon next to each field to copy its value to a temporary clipboard. You will need this information for configuring your Identity Provider in a future step.

If you have configured your Identity Provider and have the necessary information captured, proceed to the next step. If you have not, you must first configure your Identity Provider. Refer to the Identity Provider guides below.

  7. Paste the necessary SAML assertions for Single Sign-On configuration to be used for Proofpoint Essentials.
    • Identity Provider Single Sign-on URL
    • Identity Provider Login URL
    • Identity Provider Logout URL
    • Identity Provider X.509 Certificate
  8. Click the Enable toggle on the Enable Single Sign-On setting.
    • This turns on the Identity Provider. When enabled, the "Identity Provider Sign in" button is shown on the Proofpoint Essentials login screen.
  9. Click Save and Close.
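Before pasting the Identity Provider values, it helps to pull them from the IdP's SAML 2.0 metadata XML and check them rather than copying by hand. The following is an added example, not Proofpoint's code: it assumes your IdP publishes standard SAML metadata, and the function names, the idp.example.test host and the placeholder certificate bytes are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample (trimmed); host and certificate bytes are placeholders, not real.
SAMPLE_METADATA = b"""<md:EntityDescriptor entityID="https://idp.example.test/metadata"
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><md:IDPSSODescriptor>
  <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
    UExBQ0VIT0xERVIt
    Q0VSVC1CWVRFUw==
  </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  <md:SingleLogoutService Location="http://idp.example.test/slo"/>
  <md:SingleSignOnService Location="https://idp.example.test/sso"/>
</md:IDPSSODescriptor></md:EntityDescriptor>"""

def cert_fingerprint(b64_text):
    # SHA-256 over the decoded bytes; line breaks inside the base64 are ignored.
    der = base64.b64decode("".join(b64_text.split()), validate=True)
    return hashlib.sha256(der).hexdigest()

def extract_idp_settings(metadata):
    # Simple guard: refuse DTDs so entity declarations never reach the parser.
    if b"<!DOCTYPE" in metadata or b"<!ENTITY" in metadata:
        raise ValueError("metadata contains a DTD; refusing to parse")
    idp = ET.fromstring(metadata).find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor in metadata")
    def location(tag):
        el = idp.find(f"md:{tag}", NS)
        return el.get("Location") if el is not None else None
    certs = [c.text for kd in idp.findall("md:KeyDescriptor", NS)
             if kd.get("use") in (None, "signing")
             for c in kd.iterfind(".//ds:X509Certificate", NS) if c.text]
    settings = {"sso_url": location("SingleSignOnService"),
                "logout_url": location("SingleLogoutService"),
                "cert_sha256": [cert_fingerprint(c) for c in certs]}
    problems = [f"{k} is missing or not https: {settings[k]!r}"
                for k in ("sso_url", "logout_url")
                if urlparse(settings[k] or "").scheme != "https"]
    if not certs:
        problems.append("no signing certificate found")
    return settings, problems

if __name__ == "__main__":
    print(extract_idp_settings(SAMPLE_METADATA))
```

Compare the printed SHA-256 fingerprint with the one your IdP administrator reports for the signing certificate before saving the configuration.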