SSO Catalog of supported cloud services
The supported cloud services of SSO Catalog:
- Viewing the SSO Catalog
- SSO Catalog in the user interface
- SSO Catalog as a service
- Generic vs. individual connector templates
- Configure a custom cloud connector using a template
- Delete a custom cloud connector
Viewing the SSO Catalog
The user interface provides the most complete and up-to-date view of the SSO Catalog.
The SSO Catalog consists of the cloud applications and services supported by Web Gateway with cloud connectors. It includes predefined connectors, connector templates, and custom connectors configured from the templates.
The catalog is implemented as a system list. Like other system lists, it is updated and released between major Web Gateway releases. Changes are delivered by update servers and can be viewed in the user interface. New connectors are added, and when possible, broken connectors are fixed. Connectors that are no longer supported are highlighted and the change is noted.
The SSO Catalog system list consists of these connector lists:
- Predefined connectors — These connectors come fully configured with Web Gateway and only need selecting from the catalog.
- Custom connectors — These connectors are configured from templates that come with some, but not all, configuration built in. Custom connectors require configuration before they can be added to the catalog and selected.
In the user interface, predefined connectors and connector templates are organized by the names of the cloud applications and services they support. Custom connectors configured from connector templates are organized by the names that you specify.
Each connector configuration is saved in a file that includes information like the following:
- Information about the cloud service, such as name and category
- URLs needed for the SSO process
- Pages containing logon forms
- Data for generating the launchpad
SSO Catalog in the user interface
Predefined and custom connectors are listed in table format. While the tables include the same information, the details differ for each type of list.
NOTE: Predefined connector values are provided by the Single Sign On module and cannot be changed. Custom connector values, which administrators configure, can be changed.
Column heading | Description |
---|---|
Icon | Displays the logo that represents the cloud application or service. When configuring a custom connector, you can specify a custom image. |
Name | Uniquely identifies the predefined connector or custom connector instance.
NOTE: From one connector template, you can configure multiple connector instances. For example, you can configure one connector instance for each user group and assign the instances different names, as follows:
|
Description | (Custom connectors) Allows you to provide a description for each connector instance. |
Categories |
Specifies the type of service provided by the cloud application or service. When configuring a custom connector, you can change the default category or create a new one. Examples: Collaboration, Marketing, Social |
Service ID |
|
Types | Specifies the method that each cloud application or service uses to authenticate users. Sometimes, applications and services are referred to by type, such as an HTTP application or a SAML service. This value is set by the Single Sign On module. |
SSO Catalog as a service
The SSO Catalog is a cloud service. As a cloud service, it is updated between Web Gateway releases.
NOTE: The SSO Catalog is also known as the Connector Catalog as a Service (CCaaS).
Occasionally, a Service Provider changes the configuration details required for connecting to a cloud service or stops providing a cloud service altogether. These changes, which can break the connector to a service temporarily or permanently, require changes to the SSO Catalog. Changes to the SSO Catalog, including new and fixed connectors, are delivered by update servers.
When the catalog is updated, an update message is displayed in the Web Gateway user interface. Broken connectors for which no resolution is planned are no longer supported and are flagged in the user interface as follows:
- SSO Catalog
- Connectors — Predefined and custom connectors that are no longer supported are available for selection in the catalog. But they are flagged with a yellow triangle and No longer supported message.
- Templates — Templates for custom connectors that are no longer supported are available for selection in the catalog and can be configured. But they are flagged with a yellow triangle and No longer supported message.
- SSO Connector lists — SSO Connector lists are custom lists of connectors to cloud services that users are allowed to access. Connector lists containing connectors that are no longer supported are highlighted in yellow. Connectors in connector lists that are no longer supported are highlighted in yellow and flagged with a No longer supported message.
Finding information about the latest release of the SSO Catalog
To find information about the latest release of the SSO Catalog, see the following articles:
Generic vs. individual connector templates
Generic cloud connector templates support any cloud application that uses the specified authentication method. Because generic templates are more flexible than individual connector templates, they require more configuration.
Individual connector templates
Individual cloud connector templates provide the basis for configuring a connection to a specific cloud application. For example, the Salesforce connector template allows you to configure a custom connection to the Salesforce application in the cloud.
Because templates are configurable, you can create multiple custom connectors to a single cloud application such as Salesforce. To identify custom connectors, you assign them unique names.
Generic connector templates
Generic cloud connector templates allow you to configure a connection to any cloud application that uses the specified authentication method. For example, using the Generic HTTP Connector template, you can configure a connection to any cloud application that uses HTTP authentication to log on users. Generic templates allow you to configure connectors to cloud applications not found in the SSO Catalog.
Web Gateway provides generic cloud connector templates for the following authentication methods.
- Generic HTTP connector — Select this template when you want to configure a connector to an HTTP service that Web Gateway does not support with an individual connector.
- Generic SAML2 connector — Select this template when you want to configure a connector to a SAML 2.0 service that Web Gateway does not support with an individual connector.
- Generic IceToken connector — Select this template when you want to configure a connector to a service that uses an authentication method which Web Gateway does not support.
Configure a custom cloud connector using a template
After you configure a connector to a cloud service from a template, your users can access the service after authenticating one time.
Task
- Select Policy | Lists.
- In the Lists tree, expand System Lists | SSO Catalog, then click Custom connectors.
- Click the Add icon.
The Add Connector dialog box opens. - Provide values for the following fields and settings:
- Name — Specifies a name that uniquely identifies the cloud connector instance.
- Description — (Optional) Describes the cloud connector instance.
- Template — Allows you to select the template corresponding to the cloud service where you want to configure SSO access.
Template-specific settings open. - Categories — Specifies the type of service provided by the cloud service or application. When you select the template, a default value is loaded automatically. You can change this value by clicking Choose.
- Browse — Allows you to add or change the logo that represents the cloud connector you are creating.
- Configure the template-specific settings.
- Click OK.
The newly configured cloud connector is added to the SSO Catalog. To view the connector in the catalog, select Custom connectors.
Delete a custom cloud connector
You can remove a custom cloud connector from the SSO Catalog if it is not included in any SSO Connector list. Custom cloud connectors are connectors configured from templates.
NOTE: Removing a custom cloud connector from the SSO Catalog removes all user credentials entered for that connector. Re-creating the connector with the same settings does not restore the credentials that were lost when the connector was removed.
Task
- Select Policy | Lists.
- In the Lists tree, expand System Lists | SSO Catalog, then click Custom connectors.
- Select the custom cloud connector you want to delete, then click the Delete icon.
The Confirm deletion dialog box opens. - To confirm the deletion, click Yes.
The custom cloud connector is removed from the SSO Catalog.