Hi!
Here is how to configure SAML (with your idp provider) to talk to Faspex 5.x.
Here is the IBM Aspera SAML documentation:
https://www.ibm.com/docs/en/aspera-faspex/5.0.5?topic=saml-creating-new-configuration-in-faspex
Below is the specific template configuration for Okta, to give you a specific example
SAML Configuration for Faspex 5 with Okta as your Identity Provider (also known as your IDP).
Below, angle brackets <xyz> indicate a variable specific to your customer configuration.
SSO URL: https://<faspex.domain.com>/aspera/faspex/api/v5/samls/<ID>/callback (can be the same for recipient and destination.)
Audience URI (SP Entity ID): https://<beta.faspex5.com>/aspera/faspex/api/v5/samls/<35>/saml_metadata
[Note: these are names for the same thing]
Audience Restriction: https://<faspex.domain.com/aspera/faspex/api/v5/samls/<ID>/saml_metadata
Default Relay State:
Note: If you have a custom UI, then the Relay field is not blank.
Have the custom ui use the API to faspex backend, then api redirects to Faspex 5 ui.
Name id format: unspecified
Application username: okta username (or okta username prefix)—depends on your configuration.
Update application username on : Create and update
screenshot from Okta SAML configuration screen on okta.com (your developer login)
Above, “Okta-Group” is whatever groups you have defined in your specific setup.
Here is a browser extension tool that may be helpful for debugging:
SAML-tracer — you can give the response from that to our Aspera support team.
Note: The Admin adding the SAML configuration to Faspex5 needs to be a member of the named “Okta-Group”.
#okta
#setup
#configuration
#SAML #Aspera #faspex5