Step-by-step instructions to set up a SAML authentication for your Administrators with Cloudi-Fi and Google.
Use case
The following sections will provide step-by-step instructions for SAML authentication for your Administrators with Cloudi-Fi and Google.
Prerequisites
SAML URLs
-
Log into the Cloudi-Fi Admin User Interface
-
Navigate through the menu to locate the "Configuration" option
-
Find and select "Auth modes" within the Configuration settings to explore authentication options.
-
Choose Admin for Setup and gather the Required Details:
Linkback URL
https://admin.cloudi-fi.net/auth/module.php/saml/sp/saml2-acs.php/sp-saml4admin/************
- ***** is your Cloudi-fi public key (Go to your Cloudi-fi Admin interface > Settings > Company Account)
Cloudi-Fi Entity ID
https://admin.cloudi-fi.net/
Step 1: Create a Google Web App
- Initiating Google Web App Integration:
- Navigate to Apps > Web and mobile apps in your platform's interface.
- Select the option SAML for Administrators to add a new custom SAML app.
- Fill in the essential details of your web app:
- App Name: Choose a distinctive name that resonates with your web app's functionality.
- Description: A concise overview of your web app's purpose or functionality.
- App Logo: Upload a logo to visually represent your web app.
- Copy Required Information:
- SSO URL: For Single Sign-On functionality.
- URL ID: Unique identifier for your app.
- Certificate: Security certificate for the SAML integration.
Alternatively, download the metadata file containing all the necessary SAML details.
- Configuring SAML Settings For Cloudi-Fi
- Set the Cloudi-Fi ACS URL as the linkback URL and the Entity ID as the Cloudi-Fi Entity ID.
- Enable "Signed response".
- Specify the NameID format as the email address and select the primary email as the name ID.
- Adding Attribute Mappings:
- Map the Google directory attribute "Primary email" to the app attribute "email".
- Map the Google directory attribute "Last name" to the app attribute "lastname".
Complete the setup process.
Step 2: Cloudi-Fi Configuration
- Access the Cloudi-Fi Admin User Interface (UI).
- Navigate through Configuration > Auth modes > SAML For Administrators.
- Enter the necessary SAML details acquired from Google:
- IdP EntityId: SSO URL.
- Binding Method: POST.
- IdP Endpoint: Entity ID.
- Logout Binding Method: POST
- IdP Signing Certificate: Enter the X.509 Certificate details, excluding "Begin Certificate" and "End Certificate" markers.
- Email attribute name: Set as "email".
Finally, click on Save
Once done, you must activate the SAML authentication on your captive portal.
Please contact our team (How to contact your support? ) to make the necessary changes to your captive portal or consult the articles available in our online help https://help.cloudi-fi.com/