Prerequisites
Before you proceed with the integration, ensure to complete the following prerequisites:
- Configure the following components:
- SAS PCE, deployed on an on-premise machine.
- STA Hybrid Access Management Service package contains the following components:
- Keycloak server v19.0.3, deployed on the system with the administrator setup.
- SafeNet Keycloak Agent, the integration of the Keycloak IdP with SAS PCE is facilitated by SafeNet Keycloak Agent. It is also responsible for enabling SAS user federation between Keycloak and SAS PCE.
- Obtain the SingleSignOnService URL and SingleLogoutService URL by performing the following steps:
- Download SAML2.0 identity provider metadata from Keycloak. Refer to step 1 of SAML Service Provider Application Configuration.
- Open the metadata in a text editor and copy the Locations (URLs) of the following fields as marked in the below screenshot:
- SingleSignOnService
- SingleLogoutService
- From the metadata, copy the value of X509Certificate as marked in the below screenshot and paste it in a text editor between ----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- statements. Save it as .crt file on your local machine. You will need the the certificate while configuring Keycloak as your IdP in Kintone.
