Centrify (SAML)
Centrify secures access to infrastructure, DevOps, cloud, and other modern enterprise so you can prevent the #1 cause of breaches – privileged access abuse.
To set up SAML with Centrify as your identity provider:
-
Log in to your Centrify admin portal and select Apps.
-
Select Add Web Apps.
-
Select the Custom tab.
-
Next to the SAML icon, select Add.
-
Enter the required information for your application.
-
Select Save.
-
Select Settings in the left pane.
-
In the middle menu pane, select Trust.
-
Choose the Manual Configuration option.
-
In the SP Entity ID and Assertion Consumer Service (ACS) URL fields, enter the following URL:
You can find your team name in Zero Trust under Settings > Custom Pages.
-
Select Save.
-
In the middle menu pane, select User Access.
-
Select Add. The Select Role dialog displays.
-
Complete your roles access assignments. The Role rules display on the User Access card.
-
In the User Access card’s middle menu pane, select SAML Response.
-
Select Active > Add to create a new Attribute Name, Email.
-
Enter the user email addresses in the Attribute Value field.
-
Select Save.
-
Select Settings again from the left menu pane, and Trust.
-
Select the Manual Configuration option.
-
In Zero Trust, go to Settings > Authentication.
-
Under Login methods, select Add new.
-
Select SAML.
-
Copy and paste the corresponding information from Centrify into the fields.
-
Select Save.
To test that your connection is working, go to Authentication > Login methods and select Test next to the login method you want to test.
Some IdPs allow administrators to upload metadata files from their SP (service provider).
To get your Cloudflare metadata file:
-
Download your unique SAML metadata file at the following URL:
-
Save the file in XML format.
-
Upload the XML document to your Centrify account.