SAML 2.0: Log Into SearchUnify with an Identity Provider

SearchUnify is SAML 2.0 compatible. You can configure it to work with popular identity providers (IdP), such as Okta, Azure, OneLogin, and CyberArk. The entire configuration consists of two parts: Create an app in an IdP and Enter app details in SSO Sign In.

Prerequisites

Obtain a security certificate from your IdP. The certificate is stored in a file with the extension .pem.

Create an App in an IdP

The instructions vary with the IdP. Follow the instructions for your IdP:

Enter App Details in SSO Sign In

SSO Sign In hosts two forms, Admin SSO Configuration and Hosted SSO Url. Both are mandatory.

Admin SSO Configuration

  1. Go to Administration > Manage Users > SSO Sign In.

  2. Pick your IdP from Please select an Application. For IdPs other than Azure and Okta, select Others.

  3. In SSO Login URL, enter Identity Provider Single Sign-On URL for OKTA or SAML 2.0 Endpoint (HTTP) for is Azure.

  4. In SSO Logout URL, enter Identity Provider Single Logout URL for OKTA or SLO Endpoint (HTTP) for Azure.

  5. Upload the .pem file generated in your IdP in Certificate. An alternative is to open the .pem file in a text editor and paste its content into Certificate.

  6. Click Save. Then toggle on Activate SSO.

Hosted SSO Configuration

  1. Jump to Hosted SSO Configuration.

  2. Pick an app from Please select an Application.

  3. In SSO Login URL, enter Identity Provider Single Sign-On URL (for OKTA) or SAML 2.0 Endpoint (HTTP) (for Azure).

  4. In SSO Logout URL, enter Identity Provider Single Logout URL (for OKTA) or SLO Endpoint (HTTP)(for Azure).

  5. Upload the .pem file generated in your IdP in Certificate. An alternative is to open the .pem file in a text editor and paste its content into Certificate.

  6. In Enter Hosted Search Client URL, enter the web address.

  7. Toggle on Activate SSO and click Save.

Your users can now log into SearchUnify. Each user who logs in from the identity management software is added to the Hosted Search Users list. To stop the service, you can toggle Activate SSO to the left. That deactivates the service.

For details, go to Hosted Search Users: View Users Logging into SearchUnify from an Identity Management Software