Online Help

SafeNet Trusted Access for CloudAMQP

Overview

The application template provides the ability to enable single sign-on for users accessing the CloudAMQP application through SafeNet Trusted Access.

The following use cases can be configured for CloudAMQP:

SP-initiated SSO

IdP-initiated SSO

Just-in-Time (JIT) provisioning

Configuring SafeNet Trusted Access for CloudAMQP is a three-step process:

1.CloudAMQP setup

2.SafeNet Trusted Access setup

3.Verify authentication

CloudAMQP Setup

As a prerequisite, download the Identity Provider metadata from the SafeNet Trusted Access console by clicking the Download metadata file button. You will need this metadata in one of the steps given below.

Perform the following steps to configure SafeNet Trusted Access as your Identity Provider in CloudAMQP:

1.Log in to CloudAMQP as an administrator using the https://customer.cloudamqp.com/login URL.

2.On the CloudAMQP dashboard, on the top right-hand side corner, click on the profile name (administrator's email), and click Team Settings.

3.Click the SAML tab, and under SAML configuration, perform the following steps:

a.From the URL given in the SAML Audience URL/Audience URI/SP Entity ID/SAML Metadata field, note down the saml-uuid.

For example, in https://customer.cloudamqp.com/saml/metadata/9a1b27d7-7e21-4f26-9112-fb16ab466b10, the highlighted part is the saml-uuid and it will be used while activating CloudAMQP in STA.

b.In the Identity Provider Metadata field, click Browse to search and select the identity provider metadata file that you downloaded earlier from the SafeNet Trusted Access console.

c.Click Upload.

4.In the Enforce SAML, disable the password-based login field, click the toggle button to enable SAML SSO.

SafeNet Trusted Access Setup

After completing the first step of configuring SafeNet Trusted Access in CloudAMQP, the second step is to activate the CloudAMQP application in SafeNet Trusted Access by performing the following steps:

1.In the Applications pane, the CloudAMQP application you added earlier is in the inactive state by default. To configure and activate this application, click the application (for example, CloudAMQP) and proceed to the next step.

2.Under STA Setup, perform the following steps:

a.Under Account Details, in the SAML-UUID field, enter the saml-uuid (for example, 9a1b27d7-7e21-4f26-9112-fb16ab466b10) that you noted down in step 3(a) of CloudAMQP Setup.

b.Under STA Setup, under Account Details, in the ROLE field, enter a role (for example, member) that you want to assign to the user.

Note:  This is an optional setting that is done when you want to enforce a specific user role from IdP.

c.Under User Login ID Mapping, in the NAME ID field, ensure that the Email address is selected.

d.Under Return Attributes, ensure that the 84codes.roles attribute is set to {SAML-UUID}/{Role}.

e.Click Save Configuration to save the details and activate the CloudAMQP application in SafeNet Trusted Access.

Verify Authentication

Using STA Console

Navigate to the CloudAMQP login URL, https://customer.cloudamqp.com/login. Enter the email address of the CloudAMQP user and click Log in.

You will be redirected to your SafeNet Trusted Access sign-in page. Enter your primary directory login information, approve the two-factor authentication, and you should be redirected to the CloudAMQP dashboard after authentication.

Using STA User Portal

Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click the CloudAMQP application icon. You should be successfully logged in to the CloudAMQP dashboard after authentication.

 

© 2019 SafeNet Trusted Access. Various trademarks are held by their respective owners.