Enabling SSO with a Third-Party Provider
With the Single Sign-On (SSO) feature enabled, you can configure your own authentication server for administrative log on and log in to RUCKUS One using a third-party authentication server.
Setting Up SSO with a 3rd Party Provider
Complete the following steps to configure SSO with
a third-party provider.
Note: Only administrators with Prime Admin role can set up
SSO.
- From the navigation bar, click .
- In the Enable SSO with 3rd Party
provider section, click Set Up. Note: Currently, only Azure Active Directory is officially supported. The following protocol is supported:
- SAML
The Set Up SSO with 3rd Party Provider sidebar is displayed. - Complete the following fields:
- Allowed Domains: Enter the domains that are allowed for user authentication. Only the users that belong to a domain included in the Allowed Domain list can access RUCKUS One. You can add multiple domains separated by commas. The allowed domains must be unique.
- ldP Metadata: Enter
the Identity Provider (IdP) Metadata that is provided by the third
party. For more information on how to get the IdP Metadata, refer to
Configuring SAML SSO with Azure AD. You have two options:
- Upload the .xml file containing the IdP Metadata.
- Click Paste IdP Metadata code or link instead and enter the IdP Metadata (XML code) or the URL in the field.
- Require SAML requests to be signed: Click the toggle switch to Yes to enable tenant administrators to sign SAML requests to an external IdP.
- Click Apply to set up the SSO. The allowed domains are displayed along with the options to Edit or Delete the IdP Metadata, View XML Code, and to Manage SSO Users.
- (Optional) Click Edit to edit the IdP Metadata.
- (Optional) Click Delete to
delete the IdP Metadata.Note: You cannot delete the SSO configuration if an admin account is associated with it.
- (Optional) Under the IdP Metadata section, click View XML Code to view the IdP Metadata.
- (Optional) Under the IdP
Metadata section, click on Manage SSO Users
to go to the Administrators page to add administrators.
- On the Administrators page, click Add Administrator. The Add New Administrator dialog box is displayed.
- For Authentication Type, select SSO with 3rd Party.
- (Optional) For First Name, enter the first name of the administrator.
- (Optional) For the Family Name, enter the family name of the administrator.
- For Invite new user, enter the email ID of the administrator.
- For Role, select the role of the administrator.
Available options are:
- Prime Admin
- Administrator
- Guest User
- Read-Only
- DPSK Manager
- Select an option under the Managed Customers
section.
- None
- All Customers (selected by default)
- Specific Customers (for the MSP end customers)
- Click Send Invitation. The newly added administrator with 3rd-party SSO authentication is displayed in the Administration page.