Online Help

SafeNet Trusted Access for IBM Aspera on Cloud

Overview

The application template provides the ability to enable single sign-on for users accessing the IBM Aspera on Cloud application through SafeNet Trusted Access.

The following use cases can be configured for IBM Aspera on Cloud:

SP-initiated SSO

IdP-initiated SSO

Just-in-Time provisioning

Configuring SafeNet Trusted Access for IBM Aspera on Cloud is a three-step process:

1.IBM Aspera on Cloud setup

2.SafeNet Trusted Access setup

3.Verify authentication

IBM Aspera on Cloud Setup

As a prerequisite, download the Identity Provider certificate from the SafeNet Trusted Access console by clicking on the Download X.509 certificate button. You will need this certificate in one of the steps below.

Perform the following steps to configure SafeNet Trusted Access as your Identity Provider in IBM Aspera on Cloud:

1.Log in to IBM Aspera on Cloud as an administrator using the URL, https://<Organization Name>.ibmaspera.com, where <Organization Name> is your company name registered with IBM Aspera on Cloud.

For example, https://safenet.ibmaspera.com

2.On the IBM Aspera on Cloud admin dashboard, in the left pane, click Organization > Authentication.

3.In the right pane, under Authentication, click the SAML tab.

4.On the SAML tab, click Create new.

5.Under Create new, perform the following steps:

a.Under Profile, ensure that the Enable SAML authentication checkbox is selected.

b.In the Name field, enter the identity provider name (for example, SafeNet IDP).

c.In the SSO target URL field, enter the SingleSignOnService URL that is provided on the SafeNet Trusted Access console.

On the STA console, you can copy this URL by clicking on the Copy to Clipboard icon available next to the SingleSignOnService field.

d.In the SAML login button label field, enter the display name of the login button. For example, Login with SafeNet IDP.

e.Under Security, in the Certificate for IdP field, ensure that the Certificate option is selected.

f.In a text editor, open the identity provider certificate that you downloaded earlier from the STA console. Copy the entire certificate text.

g.In the Certificate field, paste the certificate text that you copied in the previous step.

h.Under Attribute mapping, in the Email field, enter Email.

i.In the First name field, enter FirstName.

j.In the Last name field, enter LastName.

k.In the Member of field, enter Group.

l.Click Save.

6.Under SAML, under <Identity Provider Name>, scroll down to Metadata to obtain the IBM Aspera on Cloud metadata.

7.Under Metadata, in the SAML metadata field, copy the entire metadata content.

8.In a text editor, paste the metadata that you copied in previous step and save it as a .xml file on your local machine. You will need this metadata while configuring IBM Aspera on Cloud in SafeNet Trusted Access.

SafeNet Trusted Access Setup

After completing the first step of configuring SafeNet Trusted Access in IBM Aspera on Cloud, the second step is to activate the IBM Aspera on Cloud application in SafeNet Trusted Access by performing the following steps:

1.In the Applications pane, the IBM Aspera on Cloud application you added earlier is in the inactive state by default. To configure and activate this application, click the application (for example, IBM Aspera on Cloud) and proceed to the next step.

2.Under STA Setup, click Upload IBM Aspera on Cloud Metadata.

3.On the metadata upload window, click Browse to search and select the IBM Aspera on Cloud metadata that you downloaded in step 8 of the IBM Aspera on Cloud Setup.

Under Account Details, the service provider metadata information is displayed.

4.In the NAME ID field, ensure that Email address is selected.

5.Under Return Attributes, ensure that FirstName, LastName, and Email are added.

6.Click Save Configuration to save the details and activate the IBM Aspera on Cloud application in SafeNet Trusted Access.

Verify Authentication

Using STA Console

Navigate to the IBM Aspera on Cloud login URL, such as https://<Organization Name>.ibmaspera.com, where <Organization Name> is your company name registered with IBM Aspera on Cloud.

For example, https://safenet.ibmaspera.com.

On the IBM Aspera on Cloud login page, click Login with <Identity Provider Name>.

You will be redirected to your SafeNet Trusted Access sign-in page. Enter your primary directory login information, approve the two-factor authentication, and you should be redirected to the IBM Aspera on Cloud application after authentication.

Using STA User Portal

Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click the IBM Aspera on Cloud application icon. You should be successfully logged in to the IBM Aspera on Cloud application after authentication.

 

© 2019 SafeNet Trusted Access. Various trademarks are held by their respective owners.