Acronis - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk.
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Acronis using MPAS. SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials. This integration enhances security and improves user experience across your organization.
To set up Multi-Pass with Acronis, ensure you meet the following requirements:
- Acronis admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in Acronis are registered in your IdP and have the necessary permissions to access Acronis.
- Acronis admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in Acronis are registered in your IdP and have the necessary permissions to access Acronis.
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.
Acronis - SSO configuration
Step 1 - Configure in Acronis (Service Provider)
- Sign in to the Acronis Cyber Protect Cloud Management Console as a Company Administrator.
- Go to Integrations and search for Microsoft Entra ID.
- Select the tile and click Configure to open the integration wizard.
- Follow the wizard until you reach the step that shows the SAML values to copy into your IdP.
SP Values
| Field | Value |
|---|---|
| Identifier (Entity ID) | Provided by Acronis in the integration wizard. |
| Reply URL (Assertion Consumer Service URL) | Provided by Acronis in the integration wizard. |
| Logout URL | Provided by Acronis in the integration wizard (required for Single Logout). |
Detail Setup (IdP parameters required in Acronis)
| Field | Value |
|---|---|
| Federation Metadata XML | Upload the IdP metadata XML (download it from your IdP). |
| Verification certificate (for signed requests) | Upload the IdP verification certificate if you enforce signed SAML authentication. |
| Encryption certificate (for token encryption) | Upload the IdP public certificate if enabling SAML token encryption. |
Step 2 - Configure in Multi-Pass (Identity Provider)
- Select your tenant.
- Go to Integrations
- Click on Applications.
- Under the SAML, complete the form with the values provided by Acronis
| Field | Value |
|---|---|
| Name | Acronis Cyber Protect Cloud |
| SP Entity ID / Client ID | Use the Identifier (Entity ID) from Acronis (see Step 1.2). |
| ACS URL | Use the Reply URL (Assertion Consumer Service URL) from Acronis. |
| Logout URL | Use the Logout URL from Acronis if you plan to enable Single Logout. |
- Download the x.509 that you will need to upload in Acronis
- Click on add integration
- On the left side, Click on Advanced Console.
- Select Client, search for the integration you just created.
- Verify the fields below :
General settings
| Setting | Value |
|---|---|
Client ID | Identifier (Entity ID) - Provided by Acronis in the integration wizard. |
Name | Acronis |
Description | SSO integration |
| Always Display in UI | ON |
Access settings
| Setting | Value |
|---|---|
| Home URL | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml/clients/<APP_NAME> |
| Valid Redirect URIs (ACS) | Reply URL (Assertion Consumer Service URL) - Provided by Acronis in the integration wizard. |
| IDP-Initiated SSO URL Name | <APP_NAME> |
SAML Capabilities (defaults if not specified)
| Setting | Value |
|---|---|
| Force Name ID Format | ON |
| Force POST Binding | ON |
| Include AuthnStatement | ON |
Signature & Encryption (defaults if not specified)
| Setting | Value |
|---|---|
| Sign Documents | OFF |
| Sign Assertions | ON |
- Now that you have checked the different parameters, change to the tab called “Keys”.
- Make sure that both parameters are switched to OFF.
- Now go to the “Advanced” tab.
- The field “Assertion Consumer Service POST Binding URL” must equal the Valid Redirect URIs (ACS).
Step 3 - Provisioning / Testing
- In Acronis, click Activate to enable Entra SSO; you can later review or modify integration settings, and download/upload metadata and certificates.
- Test SP-initiated SSO: from
cloud.acronis.comor your datacenter URL, sign in via SSO. - Test IDP-initiated SSO: launch from Entra (MyApps / M365 app launcher). Note: IDP-initiated SSO is not compatible if you enforce signed SAML authentication.
- Single Logout (SLO): to enable both SP- and IDP-initiated SLO, make sure the Logout URL is set in your IdP configuration for the Acronis app.
Related Articles
D2L Brightspace - SSO Integration
This application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a step-by-step guide to ...Mulesoft - SSO Integration
This application has been formally tested by Kelvin Zero Inc. This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Mulesoft using Multi-Pass. SSO simplifies user authentication by allowing access to multiple ...Azure EAM - MPAS integration
This documentation has been tested and approved by Kelvin Zero's team This document will outline the steps required to enable MPAS as an external authentication method in Microsoft Entra ID. To set up Multi-Pass, ensure you meet the following ...Checkpoint - SSO Configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Checkpoint using MPAS. SSO simplifies user authentication by allowing access to multiple ...Pipedrive – SSO configuration
This application has been formally tested by Kelvin Zero Inc. This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Pipedrive using Multi-Pass. SSO simplifies user authentication by allowing access to multiple ...