Contact Free trial Login

Configure SAML for SSO

Configure SAML to provide external authentication of users and Single Sign-on (SSO) capability so users don’t need to provide additional credentials when they access Anypoint Platform.

Configuring SAML for SSO involves:

  • Beginning with a configured SAML identity provider (IdP)

  • Navigating to and completing the External Identity - Identity Management SAML 2.0 form in Anypoint Platform, and optionally configuring some advanced settings

  • Saving and testing your new configuration

Prerequisites

  • Your Anypoint Platform organization must be set up as your audience.

  • The assertion consumer service must be set to send a POST request to https://anypoint.mulesoft.com/accounts/login/receive-id.

Configure SAML in Identity Management

  1. In Anypoint Platform, sign into the master organization as a user with the Organization Administrators.

  2. In Management Center, click Access Management.

  3. In the navigation menu on the left, click External Identity.

  4. Select Identity Management > SAML 2.0.

  5. Complete the required fields of the External Identity - Identity Management SAML 2.0 form:

    • Sign On URL

      Redirect URL provided by the IdP for signin, for example: https://example.com/sso/saml.

    • Sign Off URL

      URL to redirect signout requests, so users both sign out of the Anypoint Platform and have their SAML user’s status set to signed out.

    • Issuer

      ID of the identity provider instance that sends SAML assertions.

    • Public Key

      Public key provided by the identity provider, which is used to sign the SAML assertion.

    • Audience

      An arbitrary string value that identifies your Anypoint Platform organization. The typical value for this string is <organizationDomain>.anypoint.mulesoft.com.

  6. Optionally, expand Advanced settings, and provide the following values:

    • Username Attribute

      Field name in the SAML AttributeStatements that maps to username. By default, the NameID attribute of the SAML Subject in the SAML assertion is used.

    • First Name Attribute

      Field name in the SAML AttributeStatements that maps to First Name.

    • Last Name Attribute

      Field name in the SAML AttributeStatements that maps to Last Name.

    • Email Attribute

      Field name in the SAML AttributeStatements that maps to Email.

    • Group Attribute

      Field name in the SAML AttributeStatements that maps to Group.

  7. Click Save.

  8. Sign out of Anypoint Platform, navigate to the sign-on URL you entered in the Identity Management SAML 2.0 form, then sign in through your identity provider to test the configuration.

See Also

We use cookies to make interactions with our websites and services easy and meaningful, to better understand how they are used and to tailor advertising. You can read more and make your cookie choices here. By continuing to use this site you are giving us your consent to do this.