You can reconfigure the SAML-based single sign-on (SSO) configuration for existing
users.
About this task
The SAML-based SSO configuration is upgraded for the user authentication in IBM MaaS360. The
existing Pingone users must reconfigure the settings to avoid losing access to SAML-based SSO
services. In the IBM MaaS360 home page, a pop-up message is displayed to
reconfigure the SAML-based SSO configuration.
Follow the steps to configure a SAML-based SSO configuration.
Procedure
- In the IBM®
MaaS360® Portal, go to
. Go to Login
Settings and select Configure Federated Single
Sign-On.
- The user must click Reconfigure tab to proceed with the
configuration.
- On the Reconfigure SAML SSO configuration page, enter the
IBM ID to create a IBM Security Verify Tenant. If you do not have an IBM ID,
you must create one using the Sign up for an IBM ID link.
- After you enter the IBM ID and select Next,
the IBM Verify tenant is created which serves as the Service
Provider for your MaaS360 tenant.
- On the Identity details page,
- If your user directory is IBM Verify, then select the
IBM Verify is the source of User Directory checkbox.
- If your user directory is not IBM Verify, then follow the steps.
- Enter the Identity Provider Name. The Identity provider name is displayed
in the IBM Verify authentication reports.
- In the Identity Provider Metadata tab, browse and select the
Federation Metadata XML that is downloaded from Identity Provider. The
supported file type is
.XML.
- Make a note of the Assertion Costumer Service URL, and Entity
ID to configure the Identity provider and then test authentication.
- The Custom Login URL is what the administrators use to login to
the IBM
MaaS360 Portal after the SAML integration is
completed.
- Click Next which saves the configuration.
- On the Overwrite configuration page, the user must test the
configuration before enabling the configuration settings.
Follow the steps to test the configuration.
- Go to test Custom Login URL for administrators and the identity details page is displayed.
- Enter the Identity provider name and click Next to
save the configuration.
Important: Make sure to test the configuration before you overwrite the
configuration.
- Select Overwrite old configuration and click
Submit.
Turning on this option replaces the old configuration with
the new configuration.
Results
The old configuration is successfully replaced with the new configuration.