PhenixID

Step by Step – Rbok – MFA and SSO with PhenixID Authentication Services

Summary

This document will guide you through the steps to enable multi-factor authentication and single sign-on for the booking solution Rbok (https://rbok.se/) using SAML2.

System Requirements

  • PhenixID Authentication Server 3.0 or higher
  • Rbok.se technical administrator contact.

Instruction

Overview

This document will guide you through the steps to enable multi-factor authentication and single sign-on for Rbok.

PhenixID Authentication Services acting as SAML IdP

  1. Log in to Configuration Manager.
  2. Set up PhenixID Authentication Services as a SAML IdP using one of the Federation scenarios described here. (If the desired authentication method is not provided by a scenario, use the documentation for the SAML authenticator here.)
  3. Select a unique userID value (such as sAMAccountName, userPrincipalName or uid), first name and last name from the configured user store. These values should be populated as additional attributes.
  4. Click Identity Provider.
  5. Add a POST SLO value: https://<your_phenixid_server>/saml/authenticate/logout/
  6. Save
  7. Click General->View SAML Metadata.
  8. Save the displayed SAML IdP metadata to a file (idp_meta.xml).
  9. Send the idp_meta.xml file and the claims (attributes) id values to your rbok.se technical administrator contact.
    Item | Required | Description
    Metadata | Yes | URL to the metadata.
    Claim External ID | Yes | Which SAML attribute contains the user's ID (NOTE: the value set in this attribute must be unique).
    Claim First name | Yes | Which SAML attribute contains the user's first name.
    Claim Last name | Yes | Which SAML attribute contains the user's last name.

Configure Rbok

This step is performed by the Rbok technical administrator contact.

The rbok.se technical administrator contact will send the SAML SP metadata for Rbok to you.

Add trust to Rbok on PhenixID Authentication Services

  1. Log in to Configuration Manager.
  2. Open Scenarios->Federation->SAML Metadata upload.
  3. Click the plus sign.
  4. Add the Rbok SAML SP metadata by uploading the SAML SP metadata for Rbok provided in the previous step.

Test

  1. Browse to the Rbok site.
  2. Select the Identity Provider
  3. This should result in a redirect to PhenixID Authentication Server
  4. Authenticate
  5. If authentication was successful, a redirect to Rbok should occur (with a SAML assertion)
  6. The user should now be logged in.

DISCLAIMER
Information provided in this document is for your information only. PhenixID makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.

The origin of this information may be internal or external to PhenixID. PhenixID makes all reasonable efforts to verify this information.

PhenixID - support.phenixid.se