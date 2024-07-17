Connect to Adobe Acrobat Sign through Access
This guide covers how to configure Adobe Acrobat Sign as a SAML application in Cloudflare Zero Trust.
Prerequisites
- An identity provider configured in Cloudflare Zero Trust
- Admin access to a Adobe Acrobat Sign account
- A claimed domain in Adobe Acrobat Sign
1. Add a SaaS application to Cloudflare Zero Trust
- In Zero Trust, go to Access > Applications.
- Select Add an application > SaaS.
- For Application, enter
Adobe Signand select the corresponding textbox that appears.
- For the authentication protocol, select SAML.
- Select Add application.
- Copy the Access Entity ID or Issuer, Public key, and SSO endpoint.
- Keep this window open without selecting Select configuration. You will finish this configuration in step 3. Finish adding a SaaS application to Cloudflare Zero Trust.
2. Add a SAML SSO provider to Adobe Sign
- In Adobe Acrobat Sign, select your profile picture > your name > Account Settings > SAML Settings.
- Turn SAML Allowed on.
- Enter a hostname (for example,
yourcompanyname). Users can use this URL or
https://secure.adobesign.com/public/loginto sign in via SSO.
- (Optional) For Single Sign On Login Message, enter a custom message (for example,
Log in via SSO). The default message is Sign in using your corporate credentials.
- Fill in the following fields:
- Entity ID/Issuer URL: Access Entity ID or Issuer from application configuration in Cloudflare Zero Trust.
- Login URL/SSO Endpoint: SSO endpoint from application configuration in Cloudflare Zero Trust.
- IdP Certificate: Public key from application configuration in Cloudflare Zero Trust. Wrap the certificate in
-----BEGIN CERTIFICATE-----and
-----END CERTIFICATE-----.
- Copy the Entity ID/SAML Audience and Assertion Consumer URL.
- Select Save.
3. Finish adding a SaaS application to Cloudflare Zero Trust
- In your open Zero Trust window, fill in the following fields:
- Entity ID: Entity ID/SAML Audience from Adobe Acrobat Sign SAML SSO configuration.
- Assertion Consumer Service URL: Assertion Consumer URL from Adobe Acrobat Sign SAML SSO configuration.
- Name ID format: Email
- Select Save configuration.
- Configure Access policies for the application.
- Select Done.
4. Test the integration and finalize configuration
- Open an incognito browser window and go to your Adobe Sign hostname URL or
https://secure.adobesign.com/public/login. Select the option to sign in via SSO (Sign in using your corporate credentials if you have not configured a custom message). You will be redirected to the Cloudflare Access login screen and prompted to sign in with your identity provider.
- Once this is successful, you can make sign in via SSO mandatory. Select your profile picture > your name > Account Settings > SAML Settings, and then turn on SAML Mandatory. Keeping Allow Acrobat Sign Account Administrators to log in using their Acrobat Sign Credentials turned on will allow administrators to log in even if your account experiences SSO issues.