This article will walk you through the configuration for single sign-on and managing access into your Watchman Monitoring® Dashboard using Centrify.
I. Define who will have access to your Watchman Monitoring® Dashboard
1) Log into the Centrify Admin Portal and create a Role for users that you want to grant access to log into the Watchman client monitoring portal. In the left column navigate to Core Services > Roles. In the right pane click on the Add Role button.
2) Give the role a name then select Members. Click on the Add button to add users or groups from Active Directory, G Suite, Centrify directory, or any other federated directory. To remove access, select the user(s) or group(s), then click on Action and select Delete.
II. Configure SAML integration between Centrify and Watchman Monitoring®
1) Log into the Centrify Admin Console. In the left column select Apps then click on the Add Web Apps button.
2) Go to the Custom tab, then look for SAML and click on the Add button next to it.
3) Click Yes to add the web app configuration, then click Close. You should see the SAML application settings.
4) Under Application Settings, scroll down to Identity Provider SAML Meta data URL and copy the URL.
Keep this window open, and open a new tab or browser window.
5) In the new browser tab or window, log into your Watchman Monitoring® Dashboard (or https://app.monitoringclient.com/admin/security) and navigate to Settings > Security.
6) Select Enable SAML SSO to display the SAML SSO configuration options.
7) Select I have a SAML metadata URL, then paste the URL you copied in step 4 into the SAML IdP Metadata URL field.
Optionally select the option to disable password based sign-in.
8) Copy the SP Endpoint URL.
9) Go back to the Centrify Admin Portal and scroll to the top of the SAML application settings, then paste the SP Endpoint URL copied in step 9 into the Assertion Consumer Service URL field.
10) Back in the Watchman Monitoring® Dashboard, configure the settings for Default Permissions for New Users Created Using SAML and Default Group Permissions for Users Created Using SAML.
11) Because SAML authentication is configured, Watchman Monitoring will disallow local authentication, with or without their built in two factor authentication. You can configure multi-factor authentication through Centrify instead.
12) Back in the Centrify Admin Portal, navigate to Description to customize the display name, category, and application tile logo.
13. Navigate to User Access and select the role you created to grant appointed users access.
Users in this role will now see the Watchman Monitoring® Dashboard application tile in the Centrify User Portal.
Logging in with SAML single sign-on
There are two ways to log into Watchman Monitoring® Dashboard with single sign-on.
1) Log on to the Watchman Monitoring® Dashboard directly and select the Sign in with SSO button at the login page.
2) Log in through the Centrify user portal and select the Watchman Monitoring® application tile you created.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.