SAML with Centrify

  1. Log in to your Centrify Admin portal and click on Apps. Select add web apps.
  2. Navigate to the Custom tab and click add on the SAML app.
  3. Enter an application ID for the new app and click Save.
  4. Navigate to the trust tab. Choose manual configuration in the service provider configuration tab. Enter your authorization domain with the path /cdn-cgi/access/callback in the SP Entity ID and Assertion Consumer Service (ACS) URL fields. Click Save.
  5. Navigate to the User Access tab and click Add. You can assign access to the application to users with specific roles.
  6. Go to the SAML response tab. Click Add to create a new attribute called email and pass the email of the user as the value. Click Save.
  7. Navigate to the trust tab to get the identity provider information. Download the metadata XML file. Navigate to the access tab and upload the metadata.
  8. If you choose to enter the information manually, select Manual Configuration and enter the following information from the Centrify portal in the Cloudflare Access modal:

  • Provider Name: Name your identity provider.
  • Single Sign on URL: Copy the Single-Sign-On URL
  • Idp Entity ID: Copy the Idp Entity Id / Issuer
  • Signing Certificate: Download and copy the certificate value between Begin Certificate and End Certificate.

Finally, enter email as the Email attribute in the SAML assertion field. Click Save and close.