Integrate CYBERARK with FileCloud


Before completing the following procedures, configure Apache Web Server. See SSO Configuration Step 1 on the page SAML Single Sign-On Support for configuration instructions.

As an administrator, you can integrate CYBERARK SSO via SAML into FileCloud. Once integrated your users will be able to access FileCloud with their CYBERARK credentials.

CYBERARK is a cloud-based platform

  • Manage privileged accounts and credentials
  • Secure workforce and customer identities
  • Secure and manage access for applications and other non-human identities

In this integration scenario:

  • CYBERARK must be configured as an Identity Provider (IdP)
  • FileCloud will act as the Service Provider (SP)

Configure FileCloud with CYBERARK

  1. In CYBERARK, create a new web app.
    1. Open a browser and log in to your CYBERARK admin portal.
    2. From the left navigation pane, click Web Apps.
      Cyberark Dashboard
    3. On the Web Apps screen, in the top right corner, click Add Web Apps.

    4. In the Add Web Apps popup, select the Custom tab and scroll down until you find SAML, and click Add. A confirmation panel may appear. Click Yes, and then close to access the added SAML Web App.
      Add Web App window in CyberArk

  2. In CYBERARK, configure the added SAML Web App.
    1. Click Settings in the navigation panel. In Description, enter a meaningful name such as FileCloud SSO. Click Save at the bottom-center of the screen.
      In Cyberark, enter a Settings Description

    2. Click Trust in the navigation panel, and download the metadata file.
    3. Under Identity Provider Configuration, expand IdP Entity ID /Issuer and copy the URL into a notepad.
      Web App Trust screen in Cyberark. Choose metadata and ecopy IDP Entity ID 
    4. Select Manual Configuration, and copy the Single Logout URL into a notepad as it will be used in the next steps.
      In Web App Trust screen in Cyberark click Manual Configuration and copy Single Logout URL
    5. Access the SAML Response tab in the navigation panel, and add the following attribute values:

      uid = LoginUser.Username
      mail = LoginUser.Email
      givenName = LoginUser.DisplayName
      sn = LoginUser.Shortname

  3. Export the metadata file into FileCloud and configure SSO.

    1. Configure Apache Webserver

    2. Once you have completed the Apache configuration, access the FileCloud admin portal and go to Settings> SSO and complete the following:
      1) Open the metadata file downloaded in step 2b, and copy its content into IdP Metadata.
      2) Paste the Single Logout URL copied in step 2d into IdP Log Out URL (Optional)
      3) Paste the IdP Entity ID/Issuer URL copied in step 2c into Idp Endpoint URL or EntityID
      4) Configure the following attributes:
           IdP Username Parameter = uid
           IdP Email Parameter = mail
           IdP Given Name Parameter = givenName
           IdP Surname Parameter = sn
      Click Save.

    3. Enable SSO Login. In the FileCloud admin portal, go to Customization > General > Login. Enable Show SSO Link and Show Login Options.
      FileCloud Admin Portal Customization Login screen

  4. Configure the service provider in CYBERARK.

    1. Click the Trust tab in the navigation panel for the Web App, and scroll down to Service Provider Configuration.

    2. In URL, add the following:   https://YOUR-FILECLOUD-URL/simplesaml/module.php/saml/sp/metadata.php/default-sp and click Load to download FileCloud's metadata.In Cyberark Web App Trust tab, Server Provider Configuration, Metadata selected

    3. Once you have loaded FileCloud's metadata, change the settings from Metadata to Manual Configuration and disable Encrypt SAML Response Assertion. Click Save
      In Cyberark Web App Trust tab, Server Provider Configuration, Manual Configuration selected

  5. Complete CYBERARK SSO integration.

    1. Access FileCloud's user portal and click Login In with SSO.
      FileCloud User Portal, Login screen
      You are redirected to your CYBERARK login page.
      Cyberark Login page, username

    2. Complete your user authentication.
      Cyberark Login page, password
      You are redirected to FileCloud.
      FileCloud User Portal, home page 
      Now you can use single sign-on with CYBERARK from FileCloud.