Configuring Single Sign-on from the VMware Identity Manager Service to Marketo

Similar documents
Configuring Single Sign-on from the VMware Identity Manager Service to Trumba

Configuring Single Sign-on from the VMware Identity Manager Service to Exterro E-Discovery

Configuring Single Sign-on from the VMware Identity Manager Service to Vizru

Configuring Single Sign-on from the VMware Identity Manager Service to Collibra

Configuring Single Sign-on from the VMware Identity Manager Service to Bonusly

INTEGRATING OKTA: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

REVIEWERS GUIDE NOVEMBER 2017 REVIEWER S GUIDE FOR CLOUD-BASED VMWARE WORKSPACE ONE: MOBILE SINGLE SIGN-ON. VMware Workspace ONE

INSTALLATION AND SETUP VMware Workspace ONE

IMPLEMENTING SINGLE SIGN-ON (SSO) TO KERBEROS CONSTRAINED DELEGATION AND HEADER-BASED APPS. VMware Identity Manager.

Setting Up Resources in VMware Identity Manager (SaaS) Modified 15 SEP 2017 VMware Identity Manager

Integrating VMware Workspace ONE with Okta. VMware Workspace ONE

Cloud Pod Architecture with VMware Horizon 6.1

RSA SecurID Access SAML Configuration for Datadog

VMWARE HORIZON CLOUD WITH VMWARE IDENTITY MANAGER QUICK START GUIDE WHITE PAPER MARCH 2018

VMware Workspace ONE Quick Configuration Guide. VMware AirWatch 9.1

CONFIGURING BASIC MACOS MANAGEMENT: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Using VMware Horizon Workspace to Enable SSO in VMware vcloud Director 5.1

Administering Workspace ONE in VMware Identity Manager Services with AirWatch. VMware AirWatch 9.1.1

Setting Up Resources in VMware Identity Manager (On Premises) Modified on 30 AUG 2017 VMware AirWatch 9.1.1

Integrating AirWatch and VMware Identity Manager

CONFIGURING AD FS AS A THIRD-PARTY IDP IN VMWARE IDENTITY MANAGER: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

EXPLORING MONITORING AND ANALYTICS VMware Horizon

VMware Identity Manager Integration with Office 365

MANAGING ANDROID DEVICES: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

RSA SecurID Access SAML Configuration for Kanban Tool

Integrating the YuJa Enterprise Video Platform with Dell Cloud Access Manager (SAML)

Setting Up Resources in VMware Identity Manager

Setting Up Resources in VMware Identity Manager 3.1 (On Premises) Modified JUL 2018 VMware Identity Manager 3.1

Setting Up Resources in VMware Identity Manager. VMware Identity Manager 2.8

Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER

ARCHITECTURAL OVERVIEW REVISED 6 NOVEMBER 2018

VMware Identity Manager Integration with Office 365

RSA SecurID Access SAML Configuration for StatusPage

VMware Identity Manager Administration. MAY 2018 VMware Identity Manager 3.2

Enabling Single Sign-On Using Okta in Axon Data Governance 5.4

Using VMware Identity Manager Apps Portal

Guide to Deploying VMware Workspace ONE. VMware Identity Manager VMware AirWatch 9.1

Guide to Deploying VMware Workspace ONE. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1

ComponentSpace SAML v2.0 Okta Integration Guide

REVISED 6 NOVEMBER 2018 COMPONENT DESIGN: VMWARE IDENTITY MANAGER ARCHITECTURE

Guide to Deploying VMware Workspace ONE with VMware Identity Manager. SEP 2018 VMware Workspace ONE

Okta SAML Authentication with WatchGuard Access Portal. Integration Guide

VMware Identity Manager Administration

USING PRODUCT PROVISIONING TO DELIVER FILES TO WINDOWS 10: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Horizon Workspace Administrator's Guide

OneLogin SAML Authentication with WatchGuard Access Portal. Integration Guide

Integration Guide. SafeNet Authentication Service. Protecting SugarCRM with SAS

Configuring Confluence

INTEGRATING WITH DELL CLIENT COMMAND SUITE: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Request Manager User's Guide

Integrating YuJa Active Learning into Google Apps via SAML

Deploying VMware Workspace ONE Intelligent Hub. October 2018 VMware Workspace ONE

RSA SecurID Access SAML Configuration for Samanage

A: SETTING UP VMware Horizon

REVISED 6 NOVEMBER 2018 COMPONENT DESIGN: UNIFIED ACCESS GATEWAY ARCHITECTURE

Introduction to application management

vrealize Orchestrator Load Balancing

Centrify for Dropbox Deployment Guide

Add OKTA as an Identity Provider in EAA

vrealize Production Test Upgrade Assessment Guide

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Better MDM

esignlive SAML Administrator's Guide Product Release: 6.5 Date: July 05, 2018 esignlive 8200 Decarie Blvd, Suite 300 Montreal, Quebec H4P 2P5

PROVIDING SECURE ACCESS TO VMWARE HORIZON 7 AND VMWARE IDENTITY MANAGER WITH THE VMWARE UNIFIED ACCESS GATEWAY REVISED 2 MAY 2018

vrealize Orchestrator Load Balancing

Using vrealize Operations Tenant App as a Service Provider

Slack Cloud App SSO. Configuration Guide. Product Release Document Revisions Published Date

Configuring OneSign 4.9 Virtual Desktop Access with Horizon View HOW-TO GUIDE

VMware AirWatch Integration with SecureAuth PKI Guide

APPLYING AND TROUBLESHOOTING PREDEFINED SETTINGS VMware Horizon

Android Mobile Single Sign-On to VMware Workspace ONE. SEP 2018 VMware Workspace ONE VMware Identity Manager VMware Identity Manager 3.

SafeNet Authentication Manager

Using the vrealize Orchestrator Operations Client. vrealize Orchestrator 7.5

Installing and Configuring vcloud Connector

TECHNICAL WHITE PAPER AUGUST 2017 REVIEWER S GUIDE FOR VIEW IN VMWARE HORIZON 7: INSTALLATION AND CONFIGURATION. VMware Horizon 7 version 7.

Configure Unsanctioned Device Access Control

MyWorkDrive SAML v2.0 Okta Integration Guide

Table of Contents. Configure and Manage Logging in to the Management Portal Verify and Trust Certificates

Workspace ONE UEM Integration with RSA PKI. VMware Workspace ONE UEM 1810

About This Document 3. Overview 3. System Requirements 3. Installation & Setup 4

VMware Horizon Migration Tool User Guide

WebEx Connector. Version 2.0. User Guide

Configuring the vrealize Automation Plug-in for ServiceNow

Webthority can provide single sign-on to web applications using one of the following authentication methods:

Morningstar ByAllAccounts SAML Connectivity Guide

VMware AirWatch Integration with RSA PKI Guide

VMware Workspace Portal End User Guide

Integration Guide. PingFederate SAML Integration Guide (SP-Initiated Workflow)

VMware AirWatch Workspace ONE Send Admin Guide Configuring and deploying Workspace ONE Send

What s New in VMware vcloud Automation Center 5.1

SafeNet Authentication Manager

VMware Identity Manager Administration

Pulse Workspace Appliance. Administration Guide

Protecting SugarCRM with SafeNet Authentication Manager

Configuring and Delivering Salesforce as a managed application to XenMobile Users with NetScaler as the SAML IDP (Identity Provider)

Workspace ONE UEM Notification Service. VMware Workspace ONE UEM 1811

Google SAML Integration

Integration Guide. SafeNet Authentication Manager. Using SAM as an Identity Provider for PingFederate

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. Pulse Connect Secure 8.x

Quick Connection Guide

McAfee Cloud Identity Manager

Transcription:

Configuring Single Sign-on from the VMware Identity Manager Service to Marketo VMware Identity Manager JANUARY 2016 V1

Configuring Single Sign-On from VMware Identity Manager to Marketo Table of Contents Overview... 1 Adding Marketo to VMware Identity Manager Catalog... 1 Add Marketo to the Catalog... 1 Locate Identity Provider SAML Metadata... 2 Download SAML-Signing Certificate... 3 Setting up Marketo... 3 Get Your Marketo Account ID... 3 Enable SAML in Marketo... 4 Update Redirect Page Settings... 5 Testing Single Sign-on Configuration... 5 Set up User in VMware Identity Manager for Testing... 5 Set up a User in Marketo for Testing... 6 Verify Test-User can Sign into Marketo... 6 Completing the Configuration in the Catalog... 6 Entitle Users to Marketo... 7

Overview This document provides information about configuring SAML-based single sign-on from the VMware Identity Manager service to Marketo. Marketo is a marketing automation software company that develops a category of software that streamlines, automates, and measurers marketing tasks and workflows to increase efficiencies in marketing environments. When Marketo is configured in the VMware Identity Manager catalog, users sign in to from their Identity Manager apps portal to use Marketo software or if they sign in to their Marketo account directly, they are redirected to the VMware Identity Manager sign in page to enter their sign-in credentials You must have an administrator account for the VMware Identity Manager service, as well as an administrator account for Marketo. Adding Marketo to VMware Identity Manager Catalog To enable single sign-on to Marketo on the service, you must configure the app in the catalog. Before you can configure Marketo in the Catalog, you must know the Marketo account ID. See Get Your Marketo Account ID on page 4 Add Marketo to the Catalog 1. Log in to the VMware Identity Manager administration console. 2. In the Catalog page, click Add Application >...from the cloud application catalog. 3. Click the Marketo icon. 4. Click Configuration FIELD Launch URL RelayState CONFIGURED VALUE Automatically populated with your launch URL. } Proxy Count Login Redirection URL Include Destination Sign Response Enabled Enabled Sign Assertion Include Cert /1

Allow API Access Configure Via Assertion Consumer Service* Name ID Format Name ID Value Custom value Recipient Name* Audience* Assertion Lifetime Automatically populated with the URL the SAML is posted to. https://login.marketo.com/saml/assertion/{munchkinaccountid}r Email address Populated with ${user.email}/ The SP s assertion consumer service URL populated as https://login.marketo.com/saml/assertion/{munchkinaccountid} The SP s unique identified populated with http://saml.marketo.com/sp Populated with a value of 200 seconds Signing Certificate Application Parameters Must be configured. See step 5. Attribute Mapping 5. In the Applications Parameter section, the Munchkin account ID in the Value field. 6. Click Save. Locate Identity Provider SAML Metadata You must know the VMware Identity Provider identity provider metadata xml URL to configure Marketo. 1. In the Catalog > Settings tab, click SAML Metadata. 2. In the SAML Metadata section, click Identity Provider (IdP) metadata to display the metadata content. Save the URL. The URL is similar to this example. https://myco.vmwareidentity.com/saas/api/1.0/get/metadata/idp.xml. /2

Download SAML-Signing Certificate You must have a copy of the signed certificate from the VMware Identity Manager service for the Marketo configuration. 1. In the Catalog > Settings tab, click SAML Metadata. 2. Copy and save the Signing Certificate text as a.pem file on your computer. Make sure that you include text from -----BEGIN CERTIFICATE---- through ---------END CERTIFICATE-----. Setting up Marketo Refer to the Marketo documentation for complete configuration instructions to enable SAML single sign-on in Marketo. Get Your Marketo Account ID The Marketo account ID is configured in VMware Identity Manager when you add Marketo to the Catalog. 1. Sign in to the Marketo admin console as the admin user and navigate to the Admin > Integration > Munchkin page. 2. In the Tracking Code section, copy and save the Munchkin Account ID. /3

Enable SAML in Marketo 1. Sign in to the Marketo admin console as the admin user and navigate to the Admin > Single Sign-On page. 2. In the SAML Settings section, click Edit 3. In the Edit SAML Settings dialog box complete the following fields. FIELD DESCRIPTION SAML Single Sign On Issuer ID Entity ID Select Enabled from the drop-down menu. Enter the VMware Identity Manager SAML Metadata URL you saved from the identity manager admin console. Enter as https://myco.vmwareidentity.com/saas/api/1.0/get/metadata/idp.xml Enter the domain name. For example, myco.vmwareidentity.com User ID Location Identity Provider Certificate Select In Name identifier element of Subject. Click Browse and select the identity manager SAML-Signing certificate file you saved earlier. Click Choose. 4. Click Save. /4

Update Redirect Page Settings 1. Under the Redirect Pages section, click Edit. 2. In the Edit Redirect Pages dialog box, complete the following fields. FIELD Logout URL Error URL 3. Click Save. DESCRIPTION This is the URL users are directed to when they log out of Marketo. Enter the VMware Identity Manager logout URL in the format https://myco.vmwareidentity.com/saas/auth/logout Replace myco.vmwareidentity.com with your company s VMware Identity Manager service domain name. This is the URL users are directed to when they cannot sign into Marketo. Enter the error URL the format https://myco.vmwareidentity.com/error/. Testing Single Sign-on Configuration Test your single sign-on configuration with a small number of users before deploying the application across your organization. Set up User in VMware Identity Manager for Testing 1. Log in to the VMware Identity Manager administration console. 2. In the Users & Groups page, click Users and ensure that the user you are testing is in the list of users. 3. In the Catalog page, click on the Marketo application. 4. Click Entitlements. 5. Click +Add user entitlement. 6. Select the test user and change the DEPLOYMENT field value for the user to Automatic. For example: /5

7. Click Save, then click Done. 8. In the top-right corner of the page, click your user name and select Logout. Set up a User in Marketo for Testing 1. Sign in to the Marketo admin console as the admin user and navigate to the Admin > Users& Roles page. 2. Click Invite New User. 3. Enter the test user s first name, last name and email address. Select a role for the test user. 4. Click Invite. The test user receives an email with instructions about how to activate the Marketo account. Next, verify that the test user can sign in to the My Apps portal. Verify Test-User can Sign into Marketo 1. Sign in to the user portal as the test user. 2. Click the Marketo icon on the My Apps page. You should now have single sign-on access to Marketo. Completing the Configuration in the Catalog In addition to configuring the Web application for single sign-on to the service, you can configure additional settings to add an access policy, set up app licensing requirements, and entitle users and groups to the app. /6

Entitlements Access Policies Licensing After you configure a Web application, you can add group entitlements and entitle individual users to the Web app. The VMware Identity Manager service includes a default policy that is automatically assigned to the Web app when you add the app to the Catalog. If you do not want to use the default access policy, create a new access policy and in the Access Policies link, select the access policy to use for this Web application. For example, you can create a stricter policy than the default, with rules that specify which IP addresses have access to the application, using which authentication methods, and for how long until reauthentication is required. See the VMware Identity Manager documentation at http://pubs.vmware.com. Licensing can be used to require users to request license approval before they can access the application. You can add additional information, including pricing, license type, cost per license and the number of licenses. You can run the Resource Usage report to see the licensing information for the application. Entitle Users to Marketo You can activate single sign-on for all users. Before you do so, ensure that all the user accounts are provisioned in Marketo. Note: If you want to make sure that users sign in to Marketo using single sign-on from the identity manager, in the Marketo admin console Admin > Login Settings > Edit Security Settings > Password Strength Settings page, enable Require SSO. 1. Log in to the VMware Identity Manager administration console. 2. In the Catalog page, click Marketo. 3. In the Modify application page, click Entitlements. 4. Click +Add group entitlement. 5. Select ALL USERS and change the DEPLOYMENT TYPE field value to Automatic. 6. Click Save, then click Done. /7

VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.com Copyright 2016 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback