Coming soon - add the Authentic8 App directly into your company app store:
Manually Add the Authentic8 Silo Access Portal to OneLogin
A8 Admin Console
Define your vanity URL e.g. mitchmurray (fictional customer) by editing your Org name.
Enable SAML
Download the SP Encryption Certificate SP_cert.crt to your computer.
Do not hit save, leave page open.
OneLogin
Add a new App, choose SAML Test Connector (Advanced)
Configuration tab:
Relay State: 2
Login URL: https://getsilo.com/for/<vanity URL>
ACS (Consumer) URL: https://getsilo.com/sso/saml/<vanity URL>/login
SAML Audience: https://getsilo.com/sso/saml/<vanity URL>/login
SAML Recipient: https://getsilo.com/sso/saml/<vanity URL>
ACS Consumer URL Validator: ^https:\//getsilo\.com/sso/saml/[^/]+/login$
Encrypt Assertion
SAML Initiator: Onelogin
SAML Issuer Type: Specific
SAML Encryption Method: AES-256-CBC
SAML signature element: Response
SAML Encryption Public key: Copy and paste contents of SP_cert.crt from A8 Admin Console Single Sign-On page
Parameters tab:
Credentials are: Configured by admin
Field: NameID (aka Email)
Value: Email
SSO tab:
- SAML Signature Algorithm: SHA-256 Key Cipher: AES-256 CBC
Download the X.509 Certificate from the app’s SSO page and upload that to AC’s SAML page as the IdP Signing Certificate.
Copy the “Issuer URL” from the app’s SSO page and paste that in AC’s “IdP Issuer” field
Copy the “SAML 2.0 Endpoint (HTTP)” from the app’s SSO page and paste that in AC’s “IdP Login URL” field.
Click Save
OneLogin - Disable Framing Protection
Sign into OneLogin with an admin account
Settings > Account Settings
Check “Disable Framing Protection (X-Frame-Options)”
Click Save
Configuring Desktop SSO/IWA
Windows Server Firewall changes required: Follow steps in the above article. Before testing, for each server where you installed the Active Directory Connector, ensure you allow TCP Port 8080 (or whatever port you used if you did not use the default port) on your Windows Server(s) firewall for both incoming and outgoing traffic.
- Disable Framing Protection in the OneLogin portal: You will need to enable framing for the web browser to hand searches off to Silo. See all your Account Settings here https://support.onelogin.com/hc/en-us/articles/201976280-Account-Settings-for-Account-Owners. You only need to make one change
Login to your OneLogin portal as a OneLogin administrator at https://yourdomain.onelogin.com
Click Settings > Account Settings
Scroll down to “Framing Protection” and check “Disable Framing Protection…”
*Note: Authentic8 makes no warranty on third-party software. We assume no responsibility for errors or omissions in the third-party software or documentation available. Using such software is done entirely at your own discretion and risk.
Please contact Support if you have any additional questions and/or require further information.