Integrate CYBERARK with FileCloud

Before completing the following procedures, configure Apache Web Server. See SSO Configuration Step 1 on the page SAML Single Sign-On Support for configuration instructions.

As an administrator, you can integrate CYBERARK SSO via SAML into FileCloud. Once integrated your users will be able to access FileCloud with their CYBERARK credentials.

CYBERARK is a cloud-based platform Manage privileged accounts and credentials Secure workforce and customer identities Secure and manage access for applications and other non-human identities

In this integration scenario:

• CYBERARK must be configured as an Identity Provider (IdP)
• FileCloud will act as the Service Provider (SP)

Configure FileCloud with CYBERARK

1. In CYBERARK, create a new web app.
   1. Open a browser and log in to your CYBERARK admin portal.
   2. From the left navigation pane, click Web Apps.
      

      

   3. On the Web Apps screen, in the top right corner, click Add Web Apps.

   4. In the Add Web Apps popup, select the Custom tab and scroll down until you find SAML, and click Add. A confirmation panel may appear. Click Yes, and then close to access the added SAML Web App.
      

      

2. In CYBERARK, configure the added SAML Web App.
   1. Click Settings in the navigation panel. In Description, enter a meaningful name such as FileCloud SSO. Click Save at the bottom-center of the screen.
      

      

      
      
   2. Click Trust in the navigation panel, and download the metadata file.
      
   3. Under Identity Provider Configuration, expand IdP Entity ID /Issuer and copy the URL into a notepad.
      

      

       
   4. Select Manual Configuration, and copy the Single Logout URL into a notepad as it will be used in the next steps.
      

      

      
      

   5. Access the SAML Response tab in the navigation panel, and add the following attribute values:
      
      uid = LoginUser.Username
      mail = LoginUser.Email
      givenName = LoginUser.DisplayName
      sn = LoginUser.Shortname
      

      

3. Export the metadata file into FileCloud and configure SSO.

   1. Configure Apache Webserver

   2. In the FileCloud admin portal's left navigation bar, scroll down and click Settings. Then, on the Settings navigation page, click SSO

      

      .
      The SSO page opens.

      1. Configure the following attributes:
         IdP Username Parameter = uid
         IdP Email Parameter = mail
         IdP Given Name Parameter = givenName
         IdP Surname Parameter = sn

      2. Paste the Single Logout URL copied in step 2d into IdP Log Out URL (Optional)

      3. Paste the IdP Entity ID/Issuer URL copied in step 2c into Idp Endpoint URL or EntityID

      4. Open the metadata file downloaded in step 2b, and copy its content into IdP Metadata.

      5. Fill in the other settings on the page as shown in SAML Single Sign-On Support.

      6. Click Save.
         

         

         
         

   3. Enable SSO Login. In the FileCloud admin portal, go to Customization > General > Login. Enable Show SSO Link and Show Login Options.
      

      

4. Configure the service provider in CYBERARK.

   1. Click the Trust tab in the navigation panel for the Web App, and scroll down to Service Provider Configuration.

   2. In URL, add the following:   https://YOUR-FILECLOUD-URL/simplesaml/module.php/saml/sp/metadata.php/default-sp and click Load to download FileCloud's metadata.

      

   3. Once you have loaded FileCloud's metadata, change the settings from Metadata to Manual Configuration and disable Encrypt SAML Response Assertion. Click Save. 
      

      

5. Complete CYBERARK SSO integration.

   1. Access FileCloud's user portal and click Login In with SSO.
      

      

      
      You are redirected to your CYBERARK login page.
      

      

   2. Complete your user authentication.
      

      

      
      You are redirected to FileCloud.
      

      

       
      Now you can use single sign-on with CYBERARK from FileCloud.