AuthAnvil Single Sign On Configuration
- Log into the AuthAnvil Manager and navigate to the Single Sign On tab.
- Click the Applications panel and click Two Factor Auth.
- Configure the application settings as follows:
- Enabled: Checked
- Display Name: Two Factor Auth
- Reply To URL: http(s)://2FAServer/AuthAnvil/Manager/logon.aspx
- Audience URI: urn:authanvil:sso:admin
- Protocol: IdP-Init
- Token Lifetime: 480 Minutes
- If you do not already have the AuthAnvil SSO certificate available, download the SSO Certificate by clicking Download Certificate in the Certificate Authority section. We will need this file for a later step.
- Click Save Changes.
- Add the AuthAnvil Two Factor Auth Manager application to the appropriate roles by clicking on a role, expanding the Accessible Applications tab and dragging the Two Factor Auth app from the right-hand side to the left-hand side.
AuthAnvil Two Factor Auth Manager Single Sign On Configuration
- If you are not still logged in from previous steps, log into your AuthAnvil Two Factor Auth Manager.
- Click the Settings tab, then the Single Sign On Settings panel.
- Check the Enable Single Sign On box to enable SSO.
- Click Select New Certificate and upload the certificate taken from Step #4 in the SSO application configuration above. This certificate must be an exact match to the current SSO certificate.
- Click Save Changes at the bottom of the page
Once the installation is complete, you should test that everything is working as expected.
- Log out of all existing AuthAnvil Two Factor Auth Manager sessions before logging in.
- Log into the SSO Portal at http(s)://2FAServer/SSO with a user that is enabled for SSO and is a member of a role that has access to the Two Factor Auth application.
- After logging in to SSO, click on the Two Factor Auth tile to log in.
- If the SSO login succeeds, you will be left at the AuthAnvil Two Factor Auth Manager dashboard. If the login fails, double-check your configuration against this guide.
If you have any questions or need some help, we would be happy to assist. Open a case at kaseya.zendesk.com .