Authentic8 Support

Silo Admin Console

1. Set Vanity URL value

2. Enable SAML SSO via Policies > Access & Authentication > Single Sign-On

3. Download the SP Encryption Certificate (SP_cert.crt) to your local machine.

4. DO NOT hit Save; leave page open.
   
   

OneLogin Administration

1. Navigate to Applications > Add App

2. Search and select: SAML Custom Connector (Advanced) -- SAML 2.0 and proceed with the configuration below.

Display Name: Authentic8 > Save

[Configuration]

Relay State: 2 (Installed Client), 4 (Web Client)
Audience (EntityID): https://getsilo.com/sso/saml/<vanityURL>/login
Recipient: https://getsilo.com/sso/saml/<vanity URL>
ACS (Consumer) URL Validator*: ^https:\//getsilo\.com/sso/saml/[^/]+/login$
ACS (Consumer) URL*: https://getsilo.com/sso/saml/<vanity URL>/login

Login URL: https://getsilo.com/for/<vanity URL>

SAML Initiator: OneLogin
SAML nameID format: Email
SAML issuer type: Specific
SAML signature element: Response

Encrypt assertion = Checked

SAML encryption method: AES-256-CBC

SAML Encryption - Public key: Copy and paste contents of SP_cert.crt

Click Save

[Parameters]

Credentials are: Configured by admin

NameID value: Email

[SSO]

SAML Signature Algorithm: SHA-256
Key Cipher: AES-256 CBC

Download X.509 Certificate (X.509 PEM) and upload to Silo Admin Console > Policies > Access & Authentication > Single Sign-On > IdP Signing Certificate

Copy Issuer URL value and paste into IdP Issuer field in Silo

Copy SAML 2.0 Endpoint (HTTP) value and paste into IdP Login URL field in Silo

Click Save in Silo Admin Console