Custom authentication with CyberArk

Custom authentication with CyberArk

Configure SAML with CyberArk 

  1. Sign in to the CyberArk admin console.
  2. Click Web Apps under Apps in the left pane.
  3. Click Add Web Apps, then search for "Zoho".
  4. Click Add next to the option Zoho - SAML.
  5. Click Yes in the pop-up window that appears, then click Close. You will be redirected to the Settings page.
  6. Enter the domain name in the Zoho Domain field, then type "Zoho One" in the Name field.
    Note: To enter the domain name, sign in to your Zoho Mail account and go to the Control Panel. Click Domains, copy the value under Domain Name, then paste it in the Zoho Domain field.
  7. Click Save.
  8. Click Trust in the left menu, then check Manual Configuration under Service Provider Configuration.
  9. Enter the SP Entity ID / SP Issuer / Audience from the following table based on the Data Center (DC) your Zoho One account is present in.

    Data Center
    Corresponding Entity ID
    United States of America (US)
    zoho.com
    Europe (EU)
    zoho.eu
    India (IN)
    zoho.in
    Australia (AU)
    zoho.com.au
    China (CN)
    zoho.com.cn

  10. Enter the ACS URL in the Assertion Consumer Service (ACS) URL field.
    Note: You can find the ACS URL in Zoho One's Custom Authentication page. 


  11. Select emailAddress under NameID Format.
  12. Check Manual Configuration under Identity Provider Configuration.
  13. Click Signing Certificate, then click Download.
  14. Click Save.
  15. Copy the Login URL and Logout URL, then use the information to set up SAML in Zoho One.
    1. Paste the Login URL in the Sign-in URL field.
    2. Paste the Logout URL in the Sign-out URL field.
    3. Browse for and upload the previously-downloaded certificate in the Verification Certificate field.

Deploy the app to users 

  1. Sign in to the CyberArk admin console.
  2. Click Web Apps under Apps in the left pane.
  3. Click Zoho One, then click Permissions in the left menu.
  4. Click Add, then search for specific users or groups you want to enforce SSO for.
  5. Select the users, then click Add.
  6. Click Save.

Test the SAML connection

In the above section, make sure to add yourself so that you can test the connection.
  1. Go to Zoho One.
  2. Enter your email address, then click NEXT.
  3. Click Sign in another way.
  4. Click Sign in with SAML. You will be redirected to sign in through CyberArk.
 



    • Related Articles

    • Custom authentication with miniOrange

       Configure SAML with miniOrange  Sign in to the miniOrange admin console. Click Apps in the left menu, then click Add Application. Click Create App under SAML/WS-FED. Select Zoho from the apps displayed. You will land in the Basic Settings page. Type ...
    • Custom authentication with PingOne

      Configure SAML with PingOne  Go to PingOne. In the Select Account dropdown menu, select PingOne. Enter your email address, then click SIGN ON. Enter your password, then click Sign On. Click the dropdown menu in the left pane under Environments, then ...
    • Set up custom authentication for Zoho One

      Custom authentication enables SAML-based single sign-on (SSO) from your preferred identity provider (such as Okta or OneLogin) to Zoho One. Once custom authentication is configured, your users can sign in without their Zoho One passwords. They will ...
    • Custom authentication with OneLogin

      Custom authentication with OneLogin enables SAML-based single sign-on (SSO) from OneLogin to Zoho One. With SSO, you and your employees can sign in to OneLogin and access Zoho One directly, without having to sign in to Zoho One. To set up custom ...
    • Custom authentication with Google

      Custom authentication with Google enables SAML-based single sign-on (SSO) from Google to Zoho One. With SSO, you and your employees can sign in to Google and access Zoho One directly, without having to sign in to Zoho One. To set up custom ...