ShareFile - SSO Configuration
This documentation has been tested and approved by Kelvin Zero's Team.
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for ShareFile using Multi-Pass. SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials. This integration enhances security and improves user experience across your organization.
To set up Multi-Pass with ShareFile, ensure you meet the following requirements:
- ShareFile admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in ShareFile are registered in your IdP and have the necessary permissions to access ShareFile.
Important: Custom elements in URLs (like tenant names) are case sensitive. Make sure to match the exact casing from your environment.
ShareFile - SSO configuration
Step 1 - Configure ShareFile as the Service Provider (SP)
- Log into ShareFile as an Administrator
- Navigate to Settings > Admin Settings > Security > Login & Security Policy
- Scroll down the page to Single sign-on/SAML 2.0 Configuration
- Select Yes on Enable SAML
Step 2 - Configure Multi-Pass as the Identity Provider (IdP)
- Open Multi-Pass Dashboard
- Select the correct tenant and go to Integrations, click on Applications.
- Select SAML in the custom integration section.
- Complete the SAML setup with the following information:
| Field | Value |
|---|---|
| Client ID (=SP Entity ID) | https://<SHAREFILE-SUBDOMAIN>.sharefile.com |
| Name | ShareFile |
| Description | ShareFile SSO integration |
| Assertion Consumer Service URL | https://<SHAREFILE-SUBDOMAIN>.sharefile.com/saml/acs |
| NameID Policy Format |
- Under Tenant Certificate toggle the first box to Text and click Copy contents.
- Copy and paste the certificate into a Notepad file.
- Click Add integration.
- Click Advanced Console.
- Click Clients and search for ShareFile.
General settings
| Field | Value |
|---|---|
| Client ID | https://<SHAREFILE-SUBDOMAIN>.sharefile.com |
| Name | ShareFile |
| Description | ShareFile SSO integration |
| Always display in UI | ON |
Access settings
| Field | Value |
|---|---|
| Home URL (IdP-initiated) | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml/clients/<APP_NAME> |
| Valid Redirect URIs (ACS) | https://<SHAREFILE_SUBDOMAIN>.sharefile.com/saml/acs?idpentityid=https://ca.auth.kzero.com/realms/<TENANT> |
| IDP-Initiated SSO URL Name | <APP_NAME> |
| Valid post logout redirect URIs | https://<SHAREFILE-SUBDOMAIN>.sharefile.com/saml/acs |
SAML Capabilities
| Setting | Value |
|---|---|
| Name ID Format | |
| Force Name ID Format | ON |
| Force POST Binding | ON |
| Include AuthnStatement | ON |
Signature & Encryption
| Setting | Value |
|---|---|
| Sign Documents | OFF |
| Sign Assertions | ON |
- Now that you have checked the different parameters, change to the tab called “Keys”.
- Make sure that both parameters are switched to OFF.
- Now go to the “Advanced” tab.
- The field “Assertion Consumer Service POST Binding URL” must equal the Valid Redirect URIs (ACS).
Step 3 — Complete configuration of ShareFile as a Service Provider (SP)
- Log into ShareFile as an Administrator
- Navigate to Settings > Admin Settings > Security > Login & Security Policy
- Scroll down the page to Single sign-on/SAML 2.0 Configuration
| Field | Value |
|---|---|
| ShareFile Issuer/Entity ID | https://<SHAREFILE_SUBDOMAIN>.sharefile.com |
| Your IDP Issuer/Entity ID | https://ca.auth.kzero.com/realms/<YOUR_TENANT>/ |
| Login URL | |
- Under X.509 Certificate copy and paste the certificate you stored in the Notepad.
- Ensure you include the
-----BEGIN CERTIFICATE-----and-----END CERTIFICATE-----. - Under Optional Settings select the below values
| Field | Value |
|---|---|
| Require SSO Login | Yes |
| SP-Initiated SSO certificate | HTTP Redirect with no signature |
| Enable Web Authentication | Yes |
| SP-Initiated Auth Context | User Name and Password + Exact |
- Click Save
Related Articles
Mulesoft - SSO Integration
This application has been formally tested by Kelvin Zero Inc. This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Mulesoft using Multi-Pass. SSO simplifies user authentication by allowing access to multiple ...D2L Brightspace - SSO Integration
This application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a step-by-step guide to ...Miro - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Miro using MPAS. SSO simplifies user authentication by allowing access to multiple ...Pipedrive – SSO configuration
This application has been formally tested by Kelvin Zero Inc. This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Pipedrive using Multi-Pass. SSO simplifies user authentication by allowing access to multiple ...Checkpoint - SSO Configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Checkpoint using MPAS. SSO simplifies user authentication by allowing access to multiple ...