PhenixID MyApps
Start guide
PhenixID MyApps allows for a one stop location accessing applications both on prem and in the cloud. It provides SSO functionality and access control dependant on the logged in user.
Prerequisites : At least one SAML IDP is known by the system.
Start the guide by clicking the '+' sign next to My Apps.
Properties
Name - the display name
Description - description
URI - Path used to access the application. This must not be used by any other application in the system.
Service provider Identifier - My Apps uses SAML authenticating users. The SP entityid is used identifying the SP. If using an external IDP make sure to import myapps SAML SP metadata to establish trust. This id must be unique in the SAML federation.
Connection - The HTTP connection used to expose the application
Trusted Identity provider - The idp to use for authentication
Click Next then Create.
Edit guide configuration
You can edit and delete your configuration by selecting it in the left hand menu.
When you click save, the configuration will be updated and the server will instantly restart affected components to apply your changes.
Delete removes all configuration created by the guide but not shared components (i.e components that could be used by other configurations like connections).
General
General rab allows for configuration of the same parameters set when creating the configuration
Applications
Applications tab is where you create applications to expose to end users. Add applications by clicking add valve and select the appropriate application valve.
Service provider settings
Configure the SP entityid and signing certificate used. The link "View SAML SP meta" can be used to get the sp metadata.
Note that changing the saml entity id or certificate will probably require for re-establishing the trust with the idp.
Authentication flow
This is the PIPE that will receive the incoming SAML assertion from the IDP. Here it's possible to customise authentication to fit any additional needs.