External Identity
• Setting up external identity means that you configure an identity
provider (IdP) to authenticate an acting agent (either a user, a client,
or both) and then assert to Anypoint Platform that the agent has
been validated by it and should be trusted.
• This means that you can set up:
• External identities for user management using SAML 2.0
• External identities for client management using OAuth 2.0
• External identities for both user and client management
User Management
• The Anypoint Platform can be integrated with your organization’s
external federated identity system allowing your users to have single
sign-on (SSO) access to your Anypoint Platform organization.
• To configure it, use the SAML configuration instructions in the
section below and consult your IdP's specific documentation for
instructions on how to apply this configuration for your intended
provider.
Identity Providers
• The Anypoint Platform supports SAML 2.0 compliant identity management providers for user management and SSO.
• Although any SAML 2.0 compliant provider can be configured for this use, the following IdPs have been successfully tested as working with Anypoint Platform:
• Ping Federate
• OpenAM
• Okta
• Shibboleth
• ADFS
• OneLogin
• CA SiteMinder
• For these providers, the 'Assertion Consumer Service' or 'SAML Assertion URL' is https://anypoint.mulesoft.com/accounts/login/receive-id and the 'entityID' or 'Audience URL' is any string value that identifies your organization. By convention it is <organizationDomain>.anypoint.mulesoft.com, but any value is acceptable.
Instructions for SAML Configuration
• The instructions in this document allow you to configure your Anypoint Platform organization with any of the
supported SAML 2.0 providers for SSO.
• To configure federated identity:
• Configure your SAML provider to set up your Anypoint Platform organization as your audience.
• Set the Assertion Consumer Service to send an HTTP POST request to the following address:
https://anypoint.mulesoft.com/accounts/login/receive-id
• Log in to your Anypoint organization with an administrator account, click the gear icon in the Nav bar,
which takes you to the Access Manager user interface, and select External Identity. If you haven’t set
anything yet, you should see a screen like this.
• Click the link for "If you would like to configure single sign on with a SAML 2.0 provider you can get
started here" and then provide the necessary data in the SAML 2.0 form to set up your Anypoint
organization for SSO.
Federated Organizations - Map Users to Anypoint Platform Roles
• As of November 2014, Anypoint Platform provides a feature to help you map users in a federated organization’s LDAP group to an Anypoint Role.
• This requires that your Anypoint Platform organization utilizes an external identity provider such as PingFederate.
• This feature enables users in an organization to sign in to Anypoint Platform using the same organizational credentials and access permissions that an
organization maintains using LDAP.
• This ensures credential security and maintains organizational roles for accessing privileged information.
• To support this feature you first need to configure an external identity following any of the methods described above, and then follow the two steps
described below:
• Verify SAML Information
• The SAML assertion is an XML file that is issued by the external identity provider.
• Log into Anypoint Platform and click the External Identity tab to verify your organization’s Identity management information.
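Before relying on the console, you can sanity-check a test response from your IdP against the values given above. The following is an added example, not MuleSoft or IdP code: the sample XML, the `example-org` audience and the `idp.example.test` issuer are constructed placeholders, and the script only checks that a signature element is present; it does not verify it.

```python
"""Pre-flight check of an IdP test response against the values on this page."""
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
# Assertion Consumer Service URL as stated on this page.
ACS_URL = "https://anypoint.mulesoft.com/accounts/login/receive-id"

# Constructed sample; 'example-org' stands in for <organizationDomain>.
SAMPLE_RESPONSE = """\
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    ID="_r1" Version="2.0" IssueInstant="2024-01-01T12:00:00Z"
    Destination="https://anypoint.mulesoft.com/accounts/login/receive-id">
  <saml:Issuer>https://idp.example.test</saml:Issuer>
  <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2024-01-01T12:00:00Z">
    <saml:Issuer>https://idp.example.test</saml:Issuer>
    <ds:Signature><ds:SignatureValue>CONSTRUCTED</ds:SignatureValue></ds:Signature>
    <saml:Subject>
      <saml:NameID>jdoe</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-01T12:05:00Z"
            Recipient="https://anypoint.mulesoft.com/accounts/login/receive-id"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2024-01-01T11:59:00Z"
        NotOnOrAfter="2024-01-01T12:05:00Z">
      <saml:AudienceRestriction>
        <saml:Audience>example-org.anypoint.mulesoft.com</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>
"""


def _parse_time(value):
    # SAML timestamps are UTC xs:dateTime values such as 2024-01-01T12:05:00Z.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def check_response(xml_text, expected_audience, now=None):
    """Return a list of findings; an empty list means the checks passed.

    Use only on test output from your own IdP: ElementTree is not a hardened
    parser for untrusted XML, and signature verification needs a SAML library.
    """
    now = now or datetime.now(timezone.utc)
    findings = []
    root = ET.fromstring(xml_text)

    dest = root.get("Destination")
    if dest is not None and dest != ACS_URL:
        findings.append(f"Response Destination is {dest!r}, expected the ACS URL")

    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return findings + ["no plaintext saml:Assertion in the Response"]

    audiences = [a.text.strip() for a in assertion.findall(
        "saml:Conditions/saml:AudienceRestriction/saml:Audience", NS) if a.text]
    if expected_audience not in audiences:
        findings.append(f"Audience {audiences} lacks {expected_audience!r}")

    for scd in assertion.findall(
            "saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS):
        if scd.get("Recipient") != ACS_URL:
            findings.append(f"Recipient is {scd.get('Recipient')!r}, expected the ACS URL")

    cond = assertion.find("saml:Conditions", NS)
    if cond is not None:
        not_before, not_after = cond.get("NotBefore"), cond.get("NotOnOrAfter")
        if not_before and now < _parse_time(not_before):
            findings.append("assertion is not yet valid (check clock skew)")
        if not_after and now >= _parse_time(not_after):
            findings.append("assertion has expired (check clock skew)")

    if (root.find("ds:Signature", NS) is None
            and assertion.find("ds:Signature", NS) is None):
        findings.append("neither Response nor Assertion carries a ds:Signature")
    return findings


if __name__ == "__main__":
    at = datetime(2024, 1, 1, 12, 1, tzinfo=timezone.utc)
    for finding in check_response(SAMPLE_RESPONSE, "example-org.anypoint.mulesoft.com", at):
        print("FINDING:", finding)
```
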
Client Management
• Client Management allows any client connecting to your application
to identify itself using OAuth 2.0.
• An OAuth client application interacts with the provider's
authorization server to obtain access tokens needed to call
OAuth-protected services at the Anypoint Platform's resource server.
• The only OAuth 2.0 supported IdPs that work with Anypoint Platform
are OpenAM and Ping Federate.
OpenAM
• If you want to use OpenAM for client management and if you’re not
using Anypoint Platform on premises, you need to request that your
account be configured in that way, as you can’t set this up manually.
• Work with your MuleSoft account representative to ensure that we
are aware of your needs for configuring your organization with
PingFederate.
• Complete the OpenAM form and MuleSoft will get back to you within
48 hours with either the completion of the configuration or follow-up
questions to complete the configuration.
Ping Federate
• If you want to use Ping Federate for client management and if you’re not
using Anypoint Platform on premises, you need to request that your
account be configured in that way, as you can’t set this up manually.
• Work with your MuleSoft account representative to ensure that we are
aware of your needs for configuring your organization with PingFederate.
• Complete the Ping Federate Form. After you complete this form, MuleSoft
gets back to you within 48 hours with either the completion of the
configuration or follow-up questions to complete the configuration.
Single Log Out
• Single log out is important so that a user or user agent can log out of an
authenticated environment and ensure that both service providers and identity
servers process the log out correctly.
• To configure single log out:
• In PingFederate, click the SP Configuration for the Anypoint Platform.
• Go to Browser SSO and click Configure Browser SSO.
• Under SAML Profiles, ensure that these are set:
• IdP-Initiated SSO
• IdP-Initiated SLO
• SP-Initiated SLO
• Go to Protocol Settings and click Configure Protocol Settings.
• Configure an SLO Service URL with the following:
• Under Allowable SAML Bindings, click Redirect.
• Under Encryption Policy, make certain that nothing is encrypted.
• Save and click Done out of Protocol Settings and Browser SSO.
• When viewing the SP Configuration for Anypoint Platform, go to Credentials, and
click Configure Credentials.
• Under Signature Verification Settings, click Manage Signature Verification
Settings. Set the Trust Model to Unanchored, and import the attached certificate.
Make it the active certificate.

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 

Último (20)

TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 

External identity

  • 2.
    • Setting up external identity means that you configure an identity provider (IdP) to authenticate an acting agent (either a user, a client, or both) and then assert to Anypoint Platform that said agent has been validated by it and should be trusted.
  • 3.
    • This means that you can set up:
      • External identities for user management using SAML 2.0
      • External identities for client management using OAuth 2.0
      • External identities for both user and client management
  • 4. User Management
    • The Anypoint Platform can be integrated with your organization’s external federated identity system, allowing your users to have single sign-on (SSO) access to your Anypoint Platform organization.
    • To configure it, use the SAML configuration instructions in the section below and consult your IdP's specific documentation for instructions on how to apply this configuration for your intended provider.
  • 5. Identity Providers
    • The Anypoint Platform supports SAML 2.0 compliant identity management providers for user management and SSO.
    • Although any SAML 2.0 compliant provider can be configured for this use, the following IdPs have been successfully tested as working with Anypoint Platform:
      • Ping Federate
      • OpenAM
      • Okta
      • Shibboleth
      • ADFS
      • onelogin
      • CA SiteMinder
    • For these providers, the 'Assertion Consumer Service' or 'SAML Assertion URL' is https://anypoint.mulesoft.com/accounts/login/receive-id and the 'entityID' or 'Audience URL' is any string value that identifies your organization. By convention it is <organizationDomain>.anypoint.mulesoft.com, but any value is acceptable.
  • 6. Instructions for SAML Configuration
    • The instructions in this document allow you to configure your Anypoint Platform organization with any of the supported SAML 2.0 providers for SSO.
    • To configure federated identity:
      • Configure your SAML provider to set up your Anypoint Platform organization as your audience.
      • Set the Assertion Consumer Service to send an HTTP POST request to the following address: https://anypoint.mulesoft.com/accounts/login/receive-id
      • Log in to your Anypoint organization with an administrator account, click the gear icon in the Nav bar, which takes you to the Access Manager user interface, and select External Identity. If you haven’t set anything yet, you should see a screen like this.
      • Click the link for "If you would like to configure single sign on with a SAML 2.0 provider you can get started here" and then provide the necessary data in the SAML 2.0 form to set up your Anypoint organization for SSO.
  • 7. Federated Organizations - Map Users to Anypoint Platform Roles
    • As of November 2014, Anypoint Platform provides a feature to help you map users in a federated organization’s LDAP group to an Anypoint Role.
    • This requires that your Anypoint Platform organization utilizes an external identity provider such as PingFederate.
    • This feature enables users in an organization to sign in to Anypoint Platform using the same organizational credentials and access permissions that an organization maintains using LDAP.
    • This ensures credential security and maintains organizational roles for accessing privileged information.
    • To support this feature you first need to configure an external identity following any of the methods described above, and then follow the two steps described below:
      • Verify SAML Information
        • The SAML assertion is an XML file that is issued by the external identity provider.
        • Log into Anypoint Platform and click the External Identity tab to verify your organization’s Identity management information.
  • 8. Client Management
    • Client Management allows any client connecting to your application to identify itself using OAuth 2.0.
    • An OAuth client application interacts with the provider's authorization server to obtain access tokens needed to call OAuth-protected services at the Anypoint Platform's resource server.
    • The only OAuth 2.0 supported IdPs that work with Anypoint Platform are OpenAM and Ping Federate.
  • 9. OpenAM
    • If you want to use OpenAM for client management and if you’re not using Anypoint Platform on premises, you need to request that your account be configured in that way, as you can’t set this up manually.
    • Work with your MuleSoft account representative to ensure that we are aware of your needs for configuring your organization with PingFederate.
    • Complete the OpenAM form and MuleSoft will get back to you within 48 hours with either the completion of the configuration or follow-up questions to complete the configuration.
  • 10. Ping Federate
    • If you want to use Ping Federate for client management and if you’re not using Anypoint Platform on premises, you need to request that your account be configured in that way, as you can’t set this up manually.
    • Work with your MuleSoft account representative to ensure that we are aware of your needs for configuring your organization with PingFederate.
    • Complete the Ping Federate Form. After you complete this form, MuleSoft gets back to you within 48 hours with either the completion of the configuration or follow-up questions to complete the configuration.
  • 11. Single Log Out
    • Single log out is important so that a user or user agent can log out of an authenticated environment and ensure that both service providers and identity servers process the log out correctly.
    • To configure single log out:
      • In PingFederate, click the SP Configuration for the Anypoint Platform.
      • Go to Browser SSO and click Configure Browser SSO.
      • Under SAML Profiles, ensure that these are set:
        • IdP-Initiated SSO
        • IdP-Initiated SLO
        • SP-Initiated SLO
      • Go to Protocol Settings and click Configure Protocol Settings.
      • Configure a SLO Service Url with the following:
  • 12.
    • Under Allowable SAML Bindings, click Redirect.
    • Under Encryption Policy, make certain that nothing is encrypted.
    • Save and click Done out of Protocol Settings and Browser SSO.
    • When viewing the SP Configuration for Anypoint Platform, go to Credentials, and click Configure Credentials.
    • Under Signature Verification Settings, click Manage Signature Verification Settings. Set the Trust Model to Unanchored, and import the attached certificate. Make it the active certificate.
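
One way to confirm that an IdP is sending what slides 5, 6 and 12 describe is to inspect a SAMLResponse captured from a test login. The script below is an added example, not MuleSoft's code: it checks the Destination, Recipient and Audience values and that the assertion is unencrypted, and it only notes whether a signature element is present without verifying it. The audience `example-org.anypoint.mulesoft.com` and the sample messages are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

ACS_URL = "https://anypoint.mulesoft.com/accounts/login/receive-id"  # from the slides
NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def check_saml_response(b64_response, expected_audience):
    """List configuration problems in a base64 SAMLResponse from a test login.
    Presence checks only: the XML signature is NOT cryptographically verified."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    if root.get("Destination") != ACS_URL:
        problems.append("Destination is not the Anypoint ACS URL")
    if root.find("saml:EncryptedAssertion", NS) is not None:
        return problems + ["assertion is encrypted"]
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return problems + ["no Assertion element"]
    recipients = [e.get("Recipient")
                  for e in assertion.iterfind(".//saml:SubjectConfirmationData", NS)]
    if ACS_URL not in recipients:
        problems.append("no SubjectConfirmationData Recipient equals the ACS URL")
    audiences = [(e.text or "").strip() for e in assertion.iterfind(".//saml:Audience", NS)]
    if expected_audience not in audiences:
        problems.append("expected audience missing, found: %s" % audiences)
    if root.find(".//ds:Signature", NS) is None:
        problems.append("no ds:Signature element present")
    return problems

def sample_response(audience, destination=ACS_URL, signed=True):
    """Constructed sample (not a real IdP message); the Signature is an empty stub."""
    sig = '<ds:Signature xmlns:ds="%s"/>' % NS["ds"] if signed else ""
    xml = ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s" Destination="%s">'
           '<saml:Assertion>%s<saml:Subject><saml:SubjectConfirmation>'
           '<saml:SubjectConfirmationData Recipient="%s"/>'
           '</saml:SubjectConfirmation></saml:Subject>'
           '<saml:Conditions><saml:AudienceRestriction><saml:Audience>%s</saml:Audience>'
           '</saml:AudienceRestriction></saml:Conditions></saml:Assertion></samlp:Response>'
           % (NS["samlp"], NS["saml"], destination, sig, destination, audience))
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    want = "example-org.anypoint.mulesoft.com"  # hypothetical organization audience
    print(check_saml_response(sample_response(want), want))
    print(check_saml_response(sample_response("wrong", "https://idp.example/acs"), want))
```

Run it only on responses from your own IdP test logins; an empty list means the addressing values match, not that the message is authentic.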