Online Help

SafeNet Trusted Access for JupiterOne

Overview

The application template provides the ability to enable single sign-on for users accessing the JupiterOne application through SafeNet Trusted Access.

The following use cases can be configured for JupiterOne:

SP-initiated SSO

Just-in-Time (JIT) Provisioning

Configuring SafeNet Trusted Access for JupiterOne is a three-step process:

1.JupiterOne setup

2.SafeNet Trusted Access setup

3.Verify authentication

JupiterOne Setup

As a prerequisite, download the Identity Provider metadata from the SafeNet Trusted Access console by clicking the Download metadata file button. You will need this metadata in one of the steps given below.

Perform the following steps to configure SafeNet Trusted Access as your Identity Provider in JupiterOne Setup:

1.Log in to JupiterOne account as an administrator using the https://apps.us.jupiterone.io/ URL.

2.On the JupiterOne dashboard, on the top right-hand side corner, click , and click Single Sign On.

3.On the Single Sign On window, on the top right-hand side corner, click CONFIGURE.

4.Under SAML CONFIGURATION, perform the following steps:

a.From the SSO URL field, copy the SSO URL and paste it in a text editor.

b.From the Audience URI (SP Entity ID) field, copy the value of entity ID and paste it in the text editor.

c.In the Client name field, enter the name of the Identity Provider (for example, SafenetIDP).

d.In a text editor, open the IdP metadata that you downloaded earlier from the SafeNet Trusted Access console and copy the entire text.

e.In the SAML Metadata File field, paste the entire metadata text that you copied in the previous step.

f.In the Allowed OAuth Flows field, ensure that Authorization code grant and Implicit Grant check boxes are selected.

g.On the top right-hand side corner of the window, click on the save icon to save the settings.

SafeNet Trusted Access Setup

After completing the first step of configuring SafeNet Trusted Access in JupiterOne, the second step is to activate the JupiterOne application in SafeNet Trusted Access by performing the following steps:

1.In the Applications pane, the JupiterOne application you added earlier is in the inactive state by default. To configure and activate this application, click the application (for example, JupiterOne) and proceed to the next step.

2.Under Account Details, in the ENTITY ID field, paste the value of entity ID that you copied in step 4(b) of JupiterOne Setup.

3.In the SSO URL field, paste the value of the sso url that you copied in step 4(a) of JupiterOne Setup.

4.Under User Login ID Mapping, in the NAME ID field, ensure that Email address is selected.

5.Under User Portal Settings, in the SERVICE LOGIN URL field, enter your Vanity Domain URl https://<your company name>.apps.us.jupiterone.io provided by JupiterOne.

For example, https://thales.apps.us.jupiterone.io

6.Click Save Configuration to save the details and activate the JupiterOne application in SafeNet Trusted Access.

Verify Authentication

Using STA Console

Navigate to the JupiterOne Vanity Domain URl, https://<your company name>.apps.us.jupiterone.io.

For example, https://thales.apps.us.jupiterone.io

You will be redirected to your SafeNet Trusted Access sign-in page. Enter your primary directory login information, approve the two-factor authentication, and you should be redirected to the JupiterOne dashboard after authentication.

Using STA User Portal

Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click the JupiterOne application icon. You should be successfully logged in to the JupiterOne dashboard after authentication.

 

© 2019 SafeNet Trusted Access. Various trademarks are held by their respective owners.