Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
png
csutom_app_new_attribute.png 55.0 kB 2 05-Dec-2023 05:32 krivacsz
png
custom_app.png 105.1 kB 1 05-Dec-2023 05:32 krivacsz
png
custom_app_assign_users.png 64.1 kB 1 05-Dec-2023 05:32 krivacsz
png
custom_app_attribute_mappings_... 43.2 kB 1 05-Dec-2023 05:32 krivacsz
png
custom_app_crushftp_settings.p... 217.3 kB 1 05-Dec-2023 05:32 krivacsz
png
custom_app_settings.png 149.6 kB 1 05-Dec-2023 05:32 krivacsz

This page (revision-43) was last changed on 05-Dec-2023 05:32 by krivacsz

This page was created on 05-Dec-2023 05:32 by krivacsz

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 3 added 4 lines
__Restriction!!!__: Redirect of CrushFTP user to the SAML provider is not supported.\\
{{{
https://domain.com/?u=SSO_SAML&p=redirect
}}}\\
At line 8 added 59 lines
!1. Amazon SSO SAML 2.0 Configurations:
\\
Open the IAM Identity Center Console [https://console.aws.amazon.com/singlesignon] and create a new custom application.\\
\\
[custom_app.png]\\
\\
Configure the name, Application ACS URL, and SAML Audience, then submit the application.\\
{{{
Application ACS URL example:
https://your.crushftp.com/?u=SSO_SAML&p=none
}}}\\
{{{
SAML Audience example:
https://your.crushftp.com/
}}}\\
\\
[custom_app_settings.png]\\
\\
Configure the attribute mappings of your application.\\
\\
[custom_app_attribute_mappings_edit.png]\\
\\
Add new attribute mapping.\\
{{{
Maps to this string value or user attribute in IAM Identity Center:
${user:subject}
}}}\\
[csutom_app_new_attribute.png]\\
\\
__Warning:__ Assign users/groups to the created application!\\
\\
[custom_app_assign_users.png]\\
\\
!2. SAMLSSO plugin configuration\\
\\
Download the __IAM Identity Center SAML metadata__ file.\\
{{{
[Amazon SSO SAML 2.0 Configuration] [CrushFTP settings]
entityID value of IAM Identity Center SAML metadata XML file -> SAML Provider URL (EntityID)
Application SAML audience -> SAML Audience
SingleSignOnService SAML:2.0:bindings:HTTP-POST Location value
of IAM Identity Center SAML metadata XML file -> IDP Redirect URL (HTTP-POST)
IAM Identity Center SAML issuer URL -> SAML Issuer
X509Certificate value of IAM Identity Center SAML metadata XML file -> Base64 encoded PEM Signing certificate
}}}
\\
On CrushFTP SAMLSSO plugin for "__Authentication type:__" set "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport".\\
\\
{{{
urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
}}}\\
\\
[custom_app_crushftp_settings.png]\\
\\
Version Date Modified Size Author Changes ... Change note
43 05-Dec-2023 05:32 2.164 kB krivacsz to previous
42 05-Dec-2023 05:32 2.182 kB krivacsz to previous | to last
41 05-Dec-2023 05:32 2.202 kB krivacsz to previous | to last
« This page (revision-43) was last changed on 05-Dec-2023 05:32 by krivacsz
G’day (anonymous guest)
CrushFTP11 | What's New

Referenced by
LeftMenu

JSPWiki