Blue Prism - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk.
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Blue Prism using MPAS. SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials. This integration enhances security and improves user experience across your organization.
To set up Multi-Pass with Blue Prism, ensure you meet the following requirements:
- Blue Prism admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in Blue Prism are registered in your IdP and have the necessary permissions to access Blue Prism.
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.
Blue Prism - SSO configuration
Step 1 - Configure Blue Prism (Service Provider)
Blue Prism requires you to contact their support team to have them configure the back end for SAML SSO. Provide Blue Prism with the XML file you downloaded earlier from Multi-Pass.
- Contact Blue Prism Support and request SAML SSO activation.
- Provide the downloaded Tenant XML file from Multi-Pass to Blue Prism.
Step 2 - Configure Multi-Pass (Identity Provider)
- Select the correct tenant and go to Integrations, click on Applications.
- Select SAML in the custom integration section.
- Complete the SAML setup with the following information:
| Field | Value |
|---|---|
| Client ID (=SP Entity ID) | https://<Company Account URL>/realms/<Account ID> |
| Name | blueprism |
| Description | Blue Prism SSO integration |
| Assertion Consumer Service URL | https://<Company Account URL>/realms/<Account ID>/broker/sso/endpoint |
| NameID Policy Format |
- Under Tenant XML Data, click Download and save the file locally (to be provided to Blue Prism Support).
- Click Add integration.
- Click Advanced Console.
- Click Clients and search for Blue Prism.
- From this screen, review the following configuration sections:
General settings
| Field | Value |
|---|---|
| Client ID | https://<Company Account URL>/realms/<Account ID> |
| Name | blueprism |
| Description | Blue Prism SSO integration |
| Always display in UI | ON |
Access
| Field | Value |
|---|---|
| Home URL (IdP-initiated) | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml/clients/<APP_NAME> |
| Valid Redirect URIs (ACS) | https://<Company Account URL>/realms/<Account ID>/broker/sso/endpoint |
| IDP-Initiated SSO URL Name | <APP_NAME> |
| Valid post logout redirect URIs | https://<Company Account URL>/realms/<Account ID>/broker/sso/endpoint |
SAML Capabilities
| Setting | Value |
|---|---|
| Name ID Format | |
| Force Name ID Format | ON |
| Force POST Binding | ON |
| Include AuthnStatement | ON |
Signature & Encryption
| Setting | Value |
|---|---|
| Sign Documents | OFF |
| Sign Assertions | ON |
- Now that you have checked the different parameters, change to the tab called Keys.
- Make sure that both parameters are switched to OFF.
- Now go to the Advanced tab.
- The field Assertion Consumer Service POST Binding URL must equal the Valid Redirect URIs (ACS).
Related Articles
SAML SSO Integration Guide
This guide provides an overview of how to configure SAML Single Sign-On (SSO) between Multi-Pass and a third-party Service Provider (SP). Multi-Pass acts as the Identity Provider (IdP) in this federation model. Multi-Pass is working on SCIM support ...D2L Brightspace - SSO Integration
This application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a step-by-step guide to ...Notion - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...Vanta - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Vanta using MPAS. SSO simplifies user authentication by allowing access to multiple ...Heap - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...