0

BlackBerry Enterprise Identity for Awingu

To integrate BlackBerry Enterprise Identity (EID) with Awingu, take the following steps:

Go to the Settings of UEM and select BlackBerry Enterprise Identity.

Go to Services and press the + to add a new SAML service “ADFS Claims Provider”.

OPTIONAL: Enable Mobile ZSO or Desktop ZSO if this is a requirement for your environment and you have configured these services.

The Name in General settings requires a friendly name. This example has “My Awingu Instance”.

Service provider entity ID is the entity ID which Awingu is identified with. This should correspond with the Entity ID entered in Awingu Federated Authentication settings. This example has “Awingu”.

Assertion consumer service POST URL is the ACS url. Here you enter the URL for the SAML API of your Awingu instance and should match the setting entered in Awingu Federated Authentication settings. This example has “https://awingu.my-bblab.com/api/saml/”

Single logout service URL is not used, however EID requires this to be filled in. You may enter any url. This example has “https://awingu.my-bblab.com/foo”

Under Claims we leave the Name identifier attribute on ID and add the following claims:

UPN

SAML Attribute: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn

SAML claim type: Directory

Attribute Value: userPrincipalName

Attribute Type: anyType

Given Name

SAML Attribute: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname

SAML claim type: Directory

Attribute value: displayName

Attribute type: anyType

Save the page and enter again your freshly created profile. This profile should now show the metadata URL for your tenant. You will need to enter this URL in the Awingu configuration described in the next steps.

The next step is to configure Awingu. Log to Awingu and go to System Settings.

Go to Configure –> User Connector

At “Federated Authentication” set the following information:

Type: Pre-Authentication

Protocol: SAML

Entity Id: This is the Service provider entity ID you set earlier in EID. This example has “Awingu”

Metadata URL: Paste the metadata URL from EID as described earlier.

Username Claim URL: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn

Display Name Claim URL: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname

Awingu URL: enter your Awingu URL. This example has https://awingu.my-bblab.com

Press “Apply” and test your integration. If done correctly, it should work now.

razwer

Leave a Reply

Your email address will not be published. Required fields are marked *