How can I configure Naverisk to work with SSO?

AuthAnvil must be installed on a dedicated Windows Server correctly before attempting to configure Naverisk to work
with AuthAnvil. Please see our installation guides located here 

Configuring Naverisk in Single Sign On

1. Connect to the AuthAnvilServer http://(Your Domain)/AuthAnvilServer/AuthAnvil/Manager
2. Login with your 2FA Credentials.
3. Select Single Sign On > Applications > Add new Application
   
4. Select Add a custom Application.
   
   Note: Role will depend on the Roles you have configured on your SSO installation.
5. Select Protocol Configuration. Choose WS-Federation from the drop-down.
   
6. Configure the Protocol as follows:
   
   Note: Update the Reply to URL from "naverisk" to reflect your actual Naverisk webserver URL.
7. Select Save Changes

Configure Naverisk to receive Single Sing On logins

You will need to modify the Naverisk website web.config.

1. Open web.config (usually located at C:\%program files (x86)\Naverisk Website\Website\web.config) using an elevated Command Prompt (Run as Administrator). 
   

   <microsoft.identityModel>
   <service>
   <audienceUris>
   <!-- Audience URI: A unique identifier for the application so SSO knows who should receive the token -->
   <add value="https:// sitecontroller.naverisk.com /" />
   </audienceUris> <federatedAuthentication> <wsFederation passiveRedirectEnabled="true" issuer="https:// authanvil.naverisk.com/sso/federation/passive/wsfed" realm="https:// sitecontroller.naverisk.com /" requireHttps="false" />
   <cookieHandler requireSsl="false" />
   </federatedAuthentication>
   <applicationService>
   </applicationService>
   <issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
   <trustedIssuers><add thumbprint="09C8C186095E9D59155AE12E7A449337754536A7" name="https://authanvil.naverisk.com /AuthAnvil/SSO/Trust/site1" />
   </trustedIssuers>
   </issuerNameRegistry>
   <certificateValidation certificateValidationMode="None" />
   </service>
   </microsoft.identityModel>

2. Replace https:// sitecontroller.naverisk.com with the URL for your Naverisk server.
3. Replace https:// authanvil.naverisk.com with the Base URL of your AuthAnvil Server.
4. Gather the Token Issuer and Thumbpint from the AuthAnNvil Manager https://(Your Domain)/AuthAnvil/Manager > Single Sign On > Server Settings
    
5. Save the file.

To test this now log into your Single Sign On Portal https://(Your Domain)/SSO/ and Select the Naverisk Icon.

Questions?

If you have any questions or need some help, we would be happy to assist. Open a case at help.scorpionsoft.com or send an email to support@scorpionsoft.com.