View Source

This guide is for an older version of Kantega SSO Enterprise and is no longer maintained. New guides are here: https://kantega-sso.atlassian.net/l/c/rNTaTonz .

Start by clicking “Add new identity provider" and select “AuthAnvil” from the drop-down.

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-115013.png

Open the AuthAnvil admin console in a separate browser tab. Navigate to SSO Manager and press the green plus at the bottom right, then select the paper icon.

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-114912.png

From the Library, add a Custom Application.

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-114924.png

Give the application a name and select your preferred authentication policy.

Go back the the Kantega SSO setup wizard. On the prepare step, Copy the ACS URL and Entity ID. These values are used in the next step.

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-115051.png

In AuthAnvil, navigate to "Protocol Setup". Paste the values from the prepare step into the corresponding fields. Press "Add application":

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-115127.png

Configure attribute transformation. By default, AuthAnvill will only send the Name ID SAML attribute. This MAY be sufficient if user accounts already exist in the Atlassian app. If you want to use Just in time provisioning, however, the attributes email and DisplayName must be added.

In "Attribute Transformation" Press Add custom Attribute Map".
Add your preferred attributes. (See example below.)
Save the changes.

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-115225.png

Configure Permissions. Select which users should be able to log into the SAML application.

Navigate to Permissions.
Press "Add Groups" to Assign permissions to the application.
Select an already existing group or create a new one.
Save the changes.

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-115247.png

Configure Federation Metadata:

Go to Protocol Setup.
Press "View Federation Metadata".
Copy the metadata URL that opens and save it for the next step.

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-115320.png

Go back to Kantega SSO and import metadata from AuthAnvil in the import step:

Paste the metadata URL from AuthAnvil.
Press Next.

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-115404.png

Give the Identity Provider a name. (This name is visible to end users.). Press Next.

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-115432.png

Review the imported signing certificate (This step is purely informational)

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-115452.png

Users

Select whether users already exist or if you wish to have users automatically created upon login.
Note that for users to be created, a name, username and an email must be sent in the SAML response. (See previous insctrucions.)
Optionally assign a default group for new users.

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-115510.png

Finally, review the Summary and press Finish.

Kantega SSO Enterprise > [Legacy] AuthAnvil > image-20200429-115543.png

You may now test AuthAnvil SAML login.