Cisco Cisco Web Security Appliance S690 User Guide
14-11
Cisco IronPort AsyncOS 7.1 for Web User Guide
OL-23207-01
Chapter 14 Controlling Access to SaaS Applications
Creating SaaS Application Authentication Policies
The uploaded certificate information is displayed on the Edit Identity
Provider Settings for SaaS Single Sign on page.
Provider Settings for SaaS Single Sign on page.
Note
After you upload the certificate and key, you can download the
generated certificate to transfer it to the SaaS applications with which
the Web Security appliance will communicate. Do this using the
Download Certificate link in the generated key area.
generated certificate to transfer it to the SaaS applications with which
the Web Security appliance will communicate. Do this using the
Download Certificate link in the generated key area.
Step 8
Submit and commit your changes.
Creating SaaS Application Authentication Policies
After you configure the Web Security appliance as an identity provider and you
configure a SaaS application for single sign-on, you can create a SaaS Application
Authentication Policy so the Web Security appliance can communicate with the
SaaS application and enable web browser single sign-on.
configure a SaaS application for single sign-on, you can create a SaaS Application
Authentication Policy so the Web Security appliance can communicate with the
SaaS application and enable web browser single sign-on.
Consider the following rules and guidelines when you configure the SaaS
application information in a SaaS Application Authentication Policy:
application information in a SaaS Application Authentication Policy:
•
The Assertion Consumer Service Location URL must be must be resolvable
within the network.
within the network.
•
The appliance constructs a single sign-on (SSO) login URL for each SaaS
application based on the value you enter the Identity Provider Domain Name
field for the appliance and the SaaS application name configured in the SaaS
policy. For more information, see
application based on the value you enter the Identity Provider Domain Name
field for the appliance and the SaaS application name configured in the SaaS
policy. For more information, see
.
To create a SaaS Application Authentication Policy:
Step 1
Navigate to the Web Security Manager > SaaS Policies page.
Step 2
Click Add Applications to create a new policy for a particular SaaS application.