This article explains how to configure OneWelcome as an Single Sign-On (SSO) provider for your account.
Configuring OneWelcome as the SSO provider simplifies authentication and enhances user experience. When you enable SSO for the account, users can log in to the Client by authenticating with their SSO credentials and do not need a different set of dedicated credentials.
Follow these steps to configure OneWelcome as an SSO Provider:
- Create an OIDC application in the OneWelcome console
- Configure the details in the Cato Management Application (CMA)
- Configure how OneWelcome is used in your account
In the OneWelcome console, create a OIDC application, including these redirect URL. For more information, see the OneWelcome documentation.
- https://sso.proxy.catonetworks.com/auth_results
- https://sso.via.catonetworks.com/auth_results
- https://sso.ias.catonetworks.com/auth_results
- https://auth.catonetworks.com/oauth2/broker/code/onewelcome
- https://auth.catonetworks.com/endsession/
- https://auth.us1.catonetworks.com/oauth2/broker/code/onewelcome
- https://auth.in1.catonetworks.com/oauth2/broker/code/onewelcome
- https://auth.jp1.catonetworks.com/oauth2/broker/code/onewelcome
- https://auth.us1.catonetworks.com/endsession/
- https://auth.in1.catonetworks.com/endsession/
- https://auth.jp1.catonetworks.com/endsession/
In the CMA, enter the details for the OneWelcome application you created in the previous step:
To configure OneWelcome as an SSO provider:
- In the CMA, from the navigation menu, click Access > Single Sign On.
- Click New.
- From the Identity Provider drop-down menu, select OneWelcome.
- Enter a Name to identify this integration.
- Add the details from the application you created in Step 1.
- Click Apply then Save.
Step 3: Configure How OneWelcome is Used in your Account
You can choose to allow users, Cato Management Application admins, or both to authenticate with SSO using OneWelcome.
You can also configure how long the Cato authentication token is valid for. The Token validity settings define in Days or Hours the amount of time that users remain authenticated. Users that are logged in must re-authenticate when the duration you define in Days or Hours (since they last logged in) has been reached.
The Always Prompt options means that users must always authenticate to the Client.
0 comments
Article is closed for comments.