Single Sign-On (SSO) is an authentication method that allows users to securely authenticate to multiple apps and websites using a single set of credentials.

SSO Authentication can be Enabled or Disabled for SearchBlox Admin Console.

Enable SSO Authentication

To Enable SSO Authentication SAML Configuration is needed.
SAML Configuration fields are listed in the following table.

FieldDescription
SearchBlox URLThis is the base URL used to generate the SearchBlox Service Provider(SP) Metadata file for SSO.
URL Format Example:
<Host/Domain Name>: port,
: port.
IdP Metadata XML FileUpload the Identity Provider (IdP) Metadata XML File for SAML SSO.
SP Metadata XML FileDownload the SP Metadata XML File. This is a one time UI option provided immediately after uploading the IdP metadata XML file and Save the SAML configuration. You can also view the SP Metadata file information using https://localhost:8443/meta-saml
Entity IDIf the EntityID is configured, its value will be added to the Service Provider metadata file. Otherwise, the default ACS URL will be taken. Example URL: https://<ip/domain>/saml/callback?client_name=SAML2Client

📘

Note:

  1. Please restart SearchBlox once you upload IdP Metadata XML file. Once restarted, please find the SP Metadata file(sp-metadata.xml) under the path: . This file has to be uploaded to the Identity Provider.
  2. SearchBlox re-login is required to use SSO user authentication after downloading the service provider file and uploading it to the IdP provider. Make sure to use Browser's private window to avoid caching issues.

SSO Authorized Users

SSO users must be added to IdP and SearchBlox Realm. Users of SearchBlox Realm are considered SSO authorized users. Users can be added and managed by clicking the link as shown in the below screenshot. Added users can be filtered by using the filter option on the top right corner of the SSO Authorized Users, as shown in the following screenshot.

❗️

CAUTION

When you disable SSO, existing SAML configuration will be cleared. If you want to re-enable SSO, all the settings have to be configured again.


What’s Next