Applies to: 
Kyvos Enterprise Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace
Kyvos Azure Marketplace Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)
To configure SAML2.0 as an external authentication provider for the Kyvos Web Portal, perform the following steps.
On the navigation pane, click Security > Web based SSO.
The Web Based SSO dialog is displayed.
Select the Enable External Authentication check box to define the external authentication mechanism for the Kyvos Web portal.
Select the SAML2.0 option from the Provider list.
Enter details as:
Parameter/Field Comments/Description Header Name Enter the name of the HTTP header that contains the user name in the HTTP request. Header Type Select the type of value to be sent by the external authentication tool as an SSO token. Error Redirection URL Enter the URL to which the user will be redirected if there is an error in authenticating the Kyvos application with SAML2.0. This option is displayed only if SAML2.0 is selected as an external authentication provider.
Both relative and absolute URLs are supported.
Example: /error/exception.jsp and http://host:port/appnameService Provider Single Sign-On Return URL Enter the Kyvos Web Portal URL, on which the application redirects after a single sign-on. Service Provider Issuer Enter the name of the service provider issuer to identify your Kyvos Server installation to the Identity Provider. You can use your Kyvos Web Server URL here. X.509 Certificate File Upload the standard format certificate (X.509) file. This is a Privacy Enhanced Mail (PEM)-encoded x509 certificate with the .crt file extension. Service Provider Key File Upload the service provider's private key file. This is an RSA or DSA private key file with .key extension. This is not password protected. Single Logout URL Enter the identity provider's single sign-out URL. Single Sign-On URL Enter a single sign-on URL. This is the URL generated by SAML2.0 while integrating the Kyvos application. Identity Provider Issuer Enter identity provider issuer as generated by SAML2.0. X.509 Certificate File Upload the X.509 certificate file for SAML2.0. Click the Save button to save changes.