Accellion cloud application

You must be signed in as a super administrator for this task.

 

With Security Assertion Markup Language (SAML), your users can sign in to enterprise cloud applications with their Google Cloud credentials.

Set up SSO via SAML for Accellion

Before configuring SSO, ask Accellion® support to provide a unique subdomain for your organization. Contact support@accellion.com to set one up and allow one business day for setup.

Step 1: Set up Google as a SAML identity provider (IdP)
  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Apps and then SAML Apps.

    To see Apps on the Home page, you might have to click More controls at the bottom. 

  3. Click the plus (+) icon at the bottom right.
  4. Locate and click Accellion in the application list.
  5. On the Google IDP Information page:
    • Copy and save the SSO URL.
    • Download the Certificate.
  6. Click Next.

    The Basic information window shows the Application name and Description seen by users.

  7. Click Next.
  8. On the Service Provider Details page, edit the ACS URL,  replacing {your‑domain} with your subdomain name provided by Accellion.
  9. Click Finish.
Step 2: Set up Accellion as a SAML 2.0 service provider (SP)
  1. Open a new incognito browser window.
  2. Sign in to https://yourcompany.kiteworks.com/admin with your organization's Accellion administrator account, where yourcompany is the subdomain provided by Accellion.
  3. Click Application from the breadcrumb menu options.
  4. Navigate to Authentication and Authorization -> SSO Setup.
  5. Check Setup SSO with SAML 2.0.
  6. In the IDP Entity ID and Single Sign-On Service URL fields, paste the Google IdP’s Entity ID and SSO URL values you copied in Step 1.
  7. In the Service Provider Entity ID field, paste https://yourcompany.kiteworks.com.
  8. In the RSA Public Key Certificate field, copy and paste the content of the Google IdP’s certificate.
  9. Click Save.
  10. When it is saved successfully, check Initiate AuthnRequest to enable SSO at Accellion’s.
  11. Click Save.
  12. (Optional) Create users in Accellion:
    • Select Users from the breadcrumb menu options.
    • Under Manage Users click + on the right to add a new user.
    • Make sure the email addresses you enter are the user’s Google email IDs.
Step 3: Enable the Accellion app
  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Apps and then SAML Apps.

    To see Apps on the Home page, you might have to click More controls at the bottom. 

  3. Select Accellion.
  4. At the top right of the gray box, click Edit Service Compose.

  5. To apply settings to all organizations, click On for everyone or Off for everyone, and then click Save

  6. To apply settings to individual organizational units, do the following: 

    • At the left, select the organizational unit that contains the users whose settings you want to change.
    • To change the setting, select On or Off.
    • To keep the setting the same, even if the parent setting changes, click Override.
    • If the organization's status is already Overridden, choose an option:
      Inherit—Reverts to the same setting as its parent.
      Save—Saves your new setting (even if the parent setting changes).

    Learn more about the organizational structure.

  7. Ensure that your Accellion user account email IDs match those in your Google domain.
Step 4: Verify that the SSO is working
  1. Close all browser windows.
  2. Open https://yourcompany.kiteworks.com for the Accellion User portal or https://yourcompany.kiteworks.com/admin for the Accellion Admin portal.
  3. Click Login via the external SSO provider.You should be redirected to the Google sign-in page.
  4. Enter your username and password.

After your sign in credentials are authenticated, you are redirected back to Accellion.

If the user account authenticated by Google IdP does not already exist in Accellion, you see an error. See step 2 to manually create a new user in Accellion before verifying SSO.

Was this helpful?
How can we improve it?