[Legacy] AuthAnvil

This guide is for an older version of Kantega SSO Enterprise and is no longer maintained. New guides are here: https://kantega-sso.atlassian.net/l/c/rNTaTonz .

Start by clicking "Add new identity provider" and select "AuthAnvil" from the drop-down.

 

Open the AuthAnvil admin console in a separate browser tab. Navigate to SSO Manager and press the green plus at the bottom right, then select the paper icon.

From the Library, add a Custom Application.

Give the application a name and select your preferred authentication policy.

 

Go back to the Kantega SSO setup wizard. On the prepare step, copy the ACS URL and Entity ID. These values are used in the next step.

In AuthAnvil, navigate to "Protocol Setup". Paste the values from the prepare step into the corresponding fields. Press "Add application":

 

Configure attribute transformation. By default, AuthAnvil will only send the Name ID SAML attribute. This MAY be sufficient if user accounts already exist in the Atlassian app. If you want to use just-in-time provisioning, however, the attributes email and DisplayName must be added.

  • In "Attribute Transformation", press "Add custom Attribute Map".

  • Add your preferred attributes. (See example below.)

  • Save the changes.

Configure Permissions. Select which users should be able to log into the SAML application.

  • Navigate to Permissions.

  • Press "Add Groups" to assign permissions to the application.

  • Select an already existing group or create a new one.

  • Save the changes.

Configure Federation Metadata:

  • Go to Protocol Setup.

  • Press "View Federation Metadata".

  • Copy the metadata URL that opens and save it for the next step.

Go back to Kantega SSO and import metadata from AuthAnvil in the import step:

  • Paste the metadata URL from AuthAnvil.

  • Press Next.

Give the Identity Provider a name. (This name is visible to end users.) Press Next.

Review the imported signing certificate. (This step is purely informational.)

Users

  • Select whether users already exist or if you wish to have users automatically created upon login.

  • Note that for users to be created, a name, username and an email must be sent in the SAML response. (See previous instructions.)

  • Optionally assign a default group for new users.

Finally, review the Summary and press Finish.

You may now test AuthAnvil SAML login.
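
When testing with just-in-time provisioning, a SAMLResponse captured from the browser can be checked for the Name ID and the email and DisplayName attributes mentioned above. The Python script below is an added example, not part of Kantega SSO or AuthAnvil; the sample responses are constructed, and the function names and the `jdoe` user are assumptions for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Attribute names taken from this guide; adjust if your attribute map differs.
REQUIRED_ATTRIBUTES = ("email", "DisplayName")


def check_jit_attributes(saml_response_b64):
    """Return (name_id, attributes, missing). Diagnostic only: no signature validation."""
    raw = base64.b64decode(saml_response_b64)
    # A SAML message has no legitimate DTD; refuse it before parsing.
    if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:
        raise ValueError("DTD found in SAML response")
    root = ET.fromstring(raw)
    name_id_el = root.find(".//saml:Assertion/saml:Subject/saml:NameID", NS)
    name_id = (name_id_el.text or "").strip() if name_id_el is not None else ""
    attributes = {}
    for attr in root.iterfind(".//saml:Assertion/saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", NS)]
        attributes[attr.get("Name")] = [v for v in values if v]
    # Empty or absent values count as missing, since provisioning needs real data.
    missing = [] if name_id else ["NameID"]
    missing += [a for a in REQUIRED_ATTRIBUTES if not attributes.get(a)]
    return name_id, attributes, missing


def build_sample(attrs):
    """Constructed, unsigned sample response for illustration only."""
    stmt = "".join(
        f'<saml:Attribute Name="{k}"><saml:AttributeValue>{v}</saml:AttributeValue></saml:Attribute>'
        for k, v in attrs.items()
    )
    xml = (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>'
        "<saml:Subject><saml:NameID>jdoe</saml:NameID></saml:Subject>"
        f"<saml:AttributeStatement>{stmt}</saml:AttributeStatement>"
        "</saml:Assertion></samlp:Response>"
    )
    return base64.b64encode(xml.encode()).decode()


if __name__ == "__main__":
    default_only = build_sample({})  # Name ID only, the default described in this guide
    mapped = build_sample({"email": "jdoe@example.com", "DisplayName": "Jane Doe"})
    print("default:", check_jit_attributes(default_only)[2])
    print("mapped: ", check_jit_attributes(mapped)[2])
```

A non-empty `missing` list on a real test login means the custom attribute map was not saved or uses different attribute names than the ones expected here.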