
Custom SAML 2.0

BlokSec can be configured as an inbound federation identity provider that uses SAML to give your application's users secure, passwordless authentication. This article describes how to configure SAML authentication.

BlokSec Admin UI

  1. Sign in to the BlokSec admin UI as a user with admin privileges for your tenant

  2. On the main dashboard, click the Add Application drop-down and select Create Custom

  3. Complete the application details as follows and submit:

    • SSO Type: Select SAML

    • Name: Your desired application name (we will assume this is called ‘Acme App’ for the remainder of this article)

    • Logo URI: Location of the image URL (for example: https://bloksec.io/images/appLogo.png)

    • Background URI: Location of the background image URL (for example: https://bloksec.io/images/appLogoBackground.png)

    • Session Length: Length of the authenticated session. Default value is set to 60 minutes.

    • EntityID: https://bloksec.io

    • NameID Source: The username format you are sending in the SAML Response. Select 'User email' or 'Account Name' based on your requirements

    • Assertion Consumer Service: The location where the SAML assertion is sent with a POST operation. This URL is required and serves as the default ACS URL value for the Service Provider (SP)

    • Single Logout Service: Specify where you want to send the sign-out response

    • Request Signed: Optional configuration to accept a signed response

    • Select Submit to save the configuration

  4. Select Download and save the X.509 Signing Certificate and/or the Metadata XML file required for your Acme App configuration
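
Before loading the files from step 4 into Acme App, it is worth confirming that the downloaded certificate is the same signing key the metadata advertises and that the metadata carries the EntityID from step 3. The following is an added example, not BlokSec code: the function names are hypothetical, the sample metadata and certificate bytes are constructed, and it assumes the metadata follows the standard SAML 2.0 schema with an IDPSSODescriptor.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
# Constructed stand-in for certificate DER bytes (not a real certificate).
SAMPLE_DER = b"constructed-placeholder-der-bytes-for-illustration"
SAMPLE_B64 = base64.b64encode(SAMPLE_DER).decode()
# Constructed metadata laid out per the SAML 2.0 metadata schema (assumed shape).
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}" entityID="https://bloksec.io">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{SAMPLE_B64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>""".encode()
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{SAMPLE_B64}\n-----END CERTIFICATE-----\n"

def pem_to_der(pem):
    # Drop the BEGIN/END armor lines and decode the base64 body.
    body = [line for line in pem.strip().splitlines() if not line.startswith("-----")]
    return base64.b64decode("".join(body))

def signing_fingerprints(metadata_xml, expected_entity_id):
    # SAML metadata has no reason to carry a DTD; refuse it before parsing.
    if b"<!DOCTYPE" in metadata_xml or b"<!ENTITY" in metadata_xml:
        raise ValueError("DTD/entity declarations are not expected in SAML metadata")
    root = ET.fromstring(metadata_xml)
    if root.tag != f"{{{NS['md']}}}EntityDescriptor":
        raise ValueError("root element is not md:EntityDescriptor")
    if root.get("entityID") != expected_entity_id:
        raise ValueError(f"unexpected entityID: {root.get('entityID')!r}")
    prints = set()
    for kd in root.findall("md:IDPSSODescriptor/md:KeyDescriptor", NS):
        if kd.get("use") not in (None, "signing"):  # no 'use' means signing and encryption
            continue
        for cert in kd.findall(".//ds:X509Certificate", NS):
            der = base64.b64decode("".join((cert.text or "").split()))
            prints.add(hashlib.sha256(der).hexdigest())
    if not prints:
        raise ValueError("metadata advertises no signing certificate")
    return prints

def cert_matches_metadata(pem, metadata_xml, expected_entity_id):
    # True only if the separately downloaded PEM is one of the metadata signing certs.
    fp = hashlib.sha256(pem_to_der(pem)).hexdigest()
    return fp in signing_fingerprints(metadata_xml, expected_entity_id)
```

The SHA-256 fingerprint returned here is also the value to record when pinning the signing certificate in the service provider's configuration.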