Coming soon - add the Authentic8 App directly into your company app store:


  

Manually Add the Authentic8 Silo Access Portal to OneLogin


A8 Admin Console

  1. Enable Portal

  2. Enable SAML

  3. Download the SP Encryption Certificate SP_cert.crt to your computer.

  4. Do not hit save, leave page open.

OneLogin

  1. Add a new App, choose SAML Test Connector (Advanced)

Configuration tab:

Relay State: 2

Login URL: https://getsilo.com/for/<company identifier>

ACS (Consumer) URL: https://getsilo.com/sso/saml/<company identifier>/login

SAML Audience: https://getsilo.com/sso/saml/<company identifier>/login

SAML Recipient: https://getsilo.com/sso/saml/<companyidentifier>

ACS Consumer URL Validator: ^https:\//getsilo\.com/sso/saml/[^/]+/login$

Encrypt Assertion

SAML Initiator: Onelogin

SAML Issuer Type: Specific

SAML Encryption Method: AES-256-CBC

SAML signature element: Response

SAML Encryption Public key: Copy and paste contents of SP_cert.crt from A8 Admin Console Single Sign-On page

Parameters tab:

Credentials are: Configured by admin

Field: NameID (fka Email)

Value: Email

SSO tab:

  1. SAML Signature Algorithm: SHA-256 Key Cipher (OneLogin Support needs to configure): AES-256 CBC

  1. Download the X.509 Certificate from the app’s SSO page and upload that to AC’s SAML page as the IdP Signing Certificate.

  2. Copy the “Issuer URL” from the app’s SSO page and paste that in AC’s “IdP Issuer” field

  3. Copy the “SAML 2.0 Endpoint (HTTP)” from the app’s SSO page and paste that in AC’s “IdP Login URL” field.

  4. Click Save

OneLogin - Disable Framing Protection

  1. Sign into OneLogin with an admin account

  2. Settings > Account Settings

  3. Check “Disable Framing Protection (X-Frame-Options)”

  4. Click Save

Configuring Desktop SSO/IWA

https://support.onelogin.com/hc/en-us/articles/201173374-Configuring-Desktop-SSO-using-Active-Directory-Connectors

  1. Windows Server Firewall changes required: Follow steps in the above article. Before testing, for each server where you installed the Active Directory Connector, ensure you allow TCP Port 8080 (or whatever port you used if you did not use the default port) on your Windows Server(s) firewall for both incoming and outgoing traffic.

  2. Disable Framing Protection in the OneLogin portal: You will need to enable framing for the web browser to hand searches off to Silo. See all your Account Settings here https://support.onelogin.com/hc/en-us/articles/201976280-Account-Settings-for-Account-Owners. You only need to make one change

  1. Login to your OneLogin portal as a OneLogin administrator at https://yourdomain.onelogin.com

  2. Click Settings > Account Settings

  3. Scroll down to “Framing Protection” and check “Disable Framing Protection…”


*Note: Authentic8 makes no warranty on third-party software. We assume no responsibility for errors or omissions in the third-party software or documentation available. Using such software is done entirely at your own discretion and risk.
Please contact Support if you have any additional questions and/or require further information.