Resolve supports IDP Initiated SAML 2.0 for authentication. To configure SAML, NetSPI will need the IDP Metadata XML file.

Okta

  1. Add an Okta SAML application
  2. General Information
    1. Callback URL: https://resolve.netspi.com/api-gateway/callback/saml2
    2. Audience URI (SP Entity ID): https://resolve.netspi.com
    3. Single Sign On URL: https://resolve.netspi.com/api-gateway/callback/saml2
    4. Recipient URL: https://resolve.netspi.com/api-gateway/callback/saml2
    5. Destination URL: https://resolve.netspi.com/api-gateway/callback/saml2
    6. Audience Restriction: https://resolve.netspi.com/api-gateway/callback/saml2
    7. Default Relay State: blank
    8. Name ID Format: EmailAddress
    9. Application Username: Okta Username
  3. Attribute Statements
    1. firstname: user.firstname
    2. lastname: user.lastname
    3. email: user.email
  4. Complete and finish app creation
  5. Send the metadata file to NetSPI to import.



Microsoft Azure Active Directory

  1. Within Azure->Azure Active Directory, add an Enterprise Application 
  2. Go to Set up single sign on
  3. General Information
    1. Identifier (Entity ID): resolvedevsso 
    2. Reply URL (Assertion Consumer Service URL): https://resolve.netspi.com/api-gateway/callback/saml2
    3. User Attributes & Claims:
      1. lastname: user.surname
      2. firstname: user.givenname
      3. givenname: user.givenname
      4. email: user.othermail (or user.mail)
      5. emailaddress: user.othermail (or user.mail)
      6. name: user.otheremail, user.userprincipalname, or user.mail
      7. Unique User Identifier: user.othermail (or user.mail)
  4. Download Federation Metadata XML by clicking Download on the application
  5. Navigate to Administration > Authentication > SAML in Resolve and add a new IDP, supplying the downloaded file



Google Workspaces

  1. Within admin.google.com->Apps->Web and Mobile Apps 
  2. Add App->Add custom SAML app
    1. App name -> Relevant application name (NetSPI Resolve)
    2. Description -> Login to NetSPI Resolve
    3. App icon:  
    4. Click on DOWNLOAD METADATA (the xml file downloaded will be sent to NetSPI)
  3. Service provider details
    1. ACS URL: https://resolve.netspi.com/api-gateway/callback/saml2
    2. Entity ID: NetSPI Resolve
    3. Name ID format: EMAIL
    4. Name ID: Basic Information > Primary email
  4. Attributes:
    1. Primary email -> email
    2. First name -> firstname
    3. Last name -> lastname
    4. Phone number -> phone