Online Help

SafeNet Trusted Access for Harness

Overview

The application template provides the ability to enable single sign-on for users accessing the Harness application through SafeNet Trusted Access.

The following use cases can be configured for Harness:

SP-initiated SSO

Just-in-Time (JIT) Provisioning

Configuring SafeNet Trusted Access for Harness is a three-step process:

1.Harness setup

2.SafeNet Trusted Access setup

3.Verify authentication

Harness Setup

As a prerequisites, download the Identity Provider metadata from the SafeNet Trusted Access console by clicking the Download metadata file button. You will need this metadata in one of the steps given below.

Perform the following steps to configure SafeNet Trusted Access as your Identity Provider in Harness:

1.Log in to the Harness dashboard as an administrator using the Harness login URL (for example, https://app.harness.io/#/login?_k=mymfo7).

2.On the dashboard, click Continuous Security > Access Management.

3.On the Access Management window, click Authentication Settings.

4.On the Authentication Settings window, click +Add SSO Providers > SAML.

4. On the Add SAML Provider window, perform the following steps:

a.In the Display Name field, enter the name for identity provider identification (for example, SafeNet).

b.Under Upload a new SAML Metadata File field, click Choose file to search and select the identity provider metadata file that you downloaded earlier from the STA console.

c.In the Group Attribute Name field, enter a name for the group attribute (for example, dept).

d.Click Submit.

Note:  Copy the account ID from SAML-based login URL (for example, https://app.harness.io/gateway/api/users/saml-login?accountId=HwwCvjr_SQa-abrBPnrwZQ), which will be required while configuring Harness in SafeNet Trusted Access.

5.Under SSO Providers, enable the authentication enabled? toggle button.

6.The Enable SSO Provider window is displayed to confirm / test the SSO authentication, click Confirm.

7.On the dashboard, click Continuous Security > Access Management.

8.Under Access Management, click User Groups.

9. Click the group name (for example, integ) to enable SAML authentication for users.

10.On user group window (for example, integ), click on the Link to SSO Provider Group link.

11.On the Link to SSO Provider Group window, perform the following steps:

a.In the SSO Provider field, select the identity provider (for example, SafeNet) that you created earlier in step 4 (a).

b.In the Group Name field, enter the group name, which is provided by the identity provider in the SAML response as a return attribute (for example, integ).

c.Click SUBMIT.

SafeNet Trusted Access Setup

After completing the first step of configuring SafeNet Trusted Access in Harness, the second step is to activate the Harness application in SafeNet Trusted Access by performing the following steps:

1.In the Applications pane, the Harness application you added earlier is in the inactive state by default. To configure and activate this application, click the application (for example, Harness) and proceed to the next step.

2.Under STA Setup, in the ACCOUNT ID field, enter the account ID of your Harness account (for example, HwwCvjr_SQa-abrBPnrwZQ ) that you copied earlier in step 4 of Harness Setup.

3.Click Save Configuration to save the details and activate the Harness application in SafeNet Trusted Access.

 

Verify Authentication

Using STA Console

Navigate to the Harness login URL, https://app.harness.io/#/login?, enter the email address, and then click Next.

You will be redirected to your SafeNet Trusted Access sign-in page. Enter your primary directory login information, approve the two-factor authentication, and you should be redirected to the Harness dashboard after authentication.

Using STA User Portal

Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click the Harness application icon. You should be successfully logged in to the Harness dashboard after authentication.

 

© 2019 SafeNet Trusted Access. Various trademarks are held by their respective owners.