Cisco Umbrella Integration with SecureAuth Connect (SAML)

Prerequisites

• SecureAuth Connect Workforce workspace with administrative privileges, configured with the same user store defined in your Umbrella configuration.
• User account with administrative privileges for Cisco Umbrella.

SecureAuth Connect Configuration

1. Log in to your SecureAuth Connect Workforce workspace with an admin account.
2. In your workspace, select Applications > Clients > Create client.

3. Enter a name, provide your Umbrella login URL in the Application URL field (optional, used if you want it to appear in the user portal after login), select SAML Service Provider, and click Create.

4.  Download the SAML Metadata.

5. Scroll down and enable Override SAML Attributes.

6. Go to the Attributes tab, choose mail from the predefined attribute list, and click Save to apply the changes.

7. On the SAML tab, select the Manual and set the following configurations:

Entity ID : Enter the Entity ID for Cisco Umbrella.

By default, this ID should be https://login.umbrella.com/sso.

Cisco Umbrella Configuration

1. Log in to Cisco Umbrella with an administrative account.

2. On the left side, click Admin > Authentication.

3. On the SAML Dashboard User Configuration page, click ENABLE SAML.

4. Select the Other option, then NEXT.

5. You can either download the Cisco Umbrella SAML metadata or copy the metadata from the text box and click NEXT.

   Make sure the data you specified in the previous section matches the text that appears in this box.

6. Select the XML File Upload option, upload the SecureAuth Connect metadata, then click NEXT.

7. To verify your configuration and SAML metadata, click TEST CONFIGURATION.

8. A new window displays a QR code; scan this QR code and then you should see a success message.

9. Click NEXT.

10. On the Save and Notify page, select both check boxes, and click SAVE AND NOTIFY USERS.