Skip to main content
Versa Networks

Enable SAML Authentication

  1. Last updated
  2. Save as PDF

Versa-logo-release-icon.png For supported software information, click here.

Security Assertion Markup Language (SAML) is a common standard for authenticating users so that they can access multiple services and applications. SAML is a common standard for exchanging authentication between parties, and it is most commonly used for web browser–based single sign-on (SSO). SSO authenticates a user once and then communicates that authentication to multiple applications. Using SAML-based SSO in Versa secure access improves the user experience, because users do not have to enter user credentials frequently.

To enable SAML authentication, you do the following:

  1. Configure the SSO URL in the SAML application.
  2. Configure a SAML profile.
  3. Associate the SAML profile with an authentication profile.
  4. Associate the SAML authentication profile with a Versa secure access portal.
  5. Associate the SAML authentication profile with a Versa secure access gateway.

Configure the SSO URL in the SAML Application

To enable SAML authentication, configure the SSO URL in the SAML application in the following format. This is the URL to which the Versa secure access client sends the SAML response.

https://domain-name/secure-access/services/saml/login-consumer

Configure a SAML Profile

  1. In Director view:
    1. Select the Administration tab in the top menu bar.
    2. Select Appliances in the left menu bar.
    3. Select a device name in the main panel. The view changes to Appliance view.
  2. Select the Configuration tab in the top menu bar.
  3. Select Object and Connectors objects-connectors-icon.png > Connectors Connectors-Icon.png> Users/Groups Users_Groups-Icon.png > SAML Profile SAML_Profile-Icon.pngin the left menu bar to configure SAML profile.
  4. Click the add-icon.png Add icon. The Add SAML Profile popup window displays.

    add-saml-profile-vsa.png
  5. In the Name field, enter a name for the SAML profile (here, SAML VSA).
  6. For information about configuring the other fields, see Configure SAML Profiles.
  7. Click OK.

Associate the SAML Profile with an Authentication Profile

  1. In Director view:
    1. Select the Administration tab in the top menu bar.
    2. Select Appliances in the left menu bar.
    3. Select a device name in the main panel. The view changes to Appliance view.
  2. Select the Configuration tab in the top menu bar.
  3. Select Objects & Connectors objects-connectors-icon.png > Connectors Connectors-Icon.png > Users/Groups Users_Groups-Icon.png> Authenticator Profiles authenticator-profiles-icon.PNGin the left menu bar.
  4. Click the add-icon-gray.png Add icon. The Add Authentication Profiles popup window displays.

    add-auth-profile-saml.png
  5. In the Name field, enter a name for the authentication profile (here, VSA-SAML-Authetication).
  6. In the SAML Profile field, select the SAML profile you configured in Configure a SAML Profile above. To add an SAML Profile, click + Create SAML Profile.
  7. Click OK.

Associate the SAML Authentication Profile with a Versa Secure Access Portal

  1. In Director view:
    1. Select the Administration tab in the top menu bar.
    2. Select Appliances in the left menu bar.
    3. Select a device name in the main panel. The view changes to Appliance view.
  2. Select the Configuration tab in the top menu bar.
  3. Select Services services-icon.png > Secure Access Secure_Access-Icon.png> PortalRoutes-Icon.PNG> Servers Secure_Access_Servers-Icon.PNGin the left menu bar.
  4. Click the edit-icon.png Edit icon. The Add Services popup window displays.

    add-services-portal-saml.png
  5. In the Authentication field, select the authentication profile you configured in Associate the SAML Profile with an Authentication Profile, above (here, VSA-SAML-Authentication).
  6. For information about configuring the other fields, see Add a Secure Access Portal.
  7. Click OK.

Associate the SAML Authentication Profile with a Versa Secure Access Gateway

  1. In Director view:
    1. Select the Administration tab in the top menu bar.
    2. Select Appliances in the left menu bar.
    3. Select a device name in the main panel. The view changes to Appliance view.
  2. Select the Configuration tab in the top menu bar.
  3. Select Services services-icon.png > Secure Access Secure_Access-Icon.png> GatewayRoutes-Icon.PNG> GeneralSecure_Access-Services-Icon.PNG in the left menu bar.
  4. Click the edit-icon.png Edit icon. The Add Services popup window displays.

    add-services-gateway-saml.PNG
  5. In the Authentication field, select the authentication profile you configured in Associate the SAML Profile with an Authentication Profile, above (here, VSA-SAML-Authentication).
  6. For information about configuring the other fields, see Configure a Secure Access Gateway.
  7. Click OK.

Supported Software Information

Releases 20.2.2 and later support all content described in this article.