Integrate Druva

1.      Open a Web browser and go to https://login.druva.com.

2.      Log in to your Druva account. The Dashboard page appears.

3.      From the menu, select Druva Cloud Settings. The Settings page appears.

4.      Go to Single Sign-On and click Edit. The Edit Single Sign-On Settings page appears.

5.      Select AuthnRequests Signed.

6.      Under SSO SAML Certificate, click Download to download the Druva Certificate.

7.      Click Save to return to the Settings page.

8.      Click next to Single Sign-On and select Generate SSO Token. The Single Sign-On Token dialog box appears.

9.      Open a text editor, such as Notepad, and copy and paste the Token Generated.

10.  Close Single Sign-On Token dialog box.

11.  Leave this window open.

Add Druva application to Identity as a Service

1.      Log into your Identity as a Service administrator account.

2.      Click > Security > Applications. The Applications Lists page appears.

3.      Click Add. The Select an Application Template page appears.

4.      Do one of the following:

●       Select SAML Cloud Integrations from the search drop-down list and scroll to find the application you want to add to IDaaS.

- or -

●       In the Search bar, enter a search option to filter for the application you want to add to IDaaS.

5.      Click Druva. The Add Druva page appears.

6.      Enter an Application Name.

7.      Enter an Application Description.

8.      Optional. Add a custom application logo.

a.      Click next to Application Logo. The Upload Logo dialog box appears.

b.      Click  to select an image file to upload.

c.      Browse to select your file and click Open. The Upload Logo dialog box reappears showing your selected image.

d.      If required, resize your image.

e.      Click OK.

9.      Select the Authentication Flow that appears to users during login.

10.  Click Next. The General page appears.

11.  In the Default Assertion Consumer URL field, enter:

https://login.druva.com/api/commonlogin/samlconsume

12.  In the Service Provider Entity ID (Issuer) field, enter:

MSC_login

13.  Enter the SAML Session Timeout to the time when the SAML Assertion times out. The maximum is 720 minutes.

14.  Enter the Max Authentication Age (seconds) to set the maximum amount of time that can elapse before a user is required to reauthenticate during a new login attempt. This applies for both SP-initiated and IDP-initiated login. Set this field to -1 to disable this feature.

15.  From the SAML Name ID Attribute drop-down list, select Email.

16.  From the SAML NameID Encoding Format drop-down list, select Email.

17.  Select the SAML Signing Certificate from the drop-down list.

18.  Optional: Select Respond Immediately for Unsuccessful Responses to return to the application immediately after a login failure, rather than allow user to try again with a different userID.

19.  Deselect Enable Go Back Button if you do not want users to be able to go back to the Druva for login page to log in.

20.  Select to enable Encrypt SAML Assertion.

21.  Click to upload the Encryption Certificate file you downloaded in Step 1: Download the Druva Certificate and copy the Single Sign-On token.

22.   Add the Single Sign-On token attribute, as follows:

a.       Under SAML Attributes, click Add. The SAML Attributes dialog box appears.

b.        In the Name field enter druva_auth_token.

c.        In the Values field, enter the Single Sign-On token you copied in Step 1: Download the Druva Certificate and copy the Single Sign-On token.

d.       Click Add.

23.   Click Submit.

Copy the SAML signing certificate and the IDP URLs

1.      In IDaaS, click > Security > Applications. The Applications List page appears.

2.      Under SAML Cloud Integrations, click SAML Signing Certificates. The SAML Signing Certificates page appears.

3.      Click  next to the certificate to copy it to the clipboard.

4.      Open a text editor, such as Notepad, and paste the contents of the certificate into the text file.

5.      Return to the Applications List page.

6.      Click next to the Druva application and select IDP initiated URLs. The IDP Initiated URLs dialog box appears.

7.      Copy the value in the No relay state field and paste it in to the text file.

8.      Click OK to close the dialog box.

9.      Save the text file.

1.      Return to the Druva Cloud Settings and click Edit for the Single Sign-On. The Edit Single Sign-On Settings page appears.

2.      In the ID Provider Login URL field, enter the IDP initiated URLs you copied in Step 4: Copy the SAML signing certificate and IDP initiated URLs from IDaaS.

3.      In the ID Provider Certificate field, enter the SAML Certificate you copied in Step 4: Copy the SAML signing certificate and IDP initiated URLs from IDaaS.

4.      Click Save.

Testing Service Provider Login

1.      Open a Web browser and enter the URL https://login.druva.com/login . You are directed to Identity as a Service.

2.      Enter your Druva Cloud account User ID and click Next.

3.      Respond to the second-factor authentication challenge. If you respond successfully, you are logged in to the Druva Console Home page.

Testing Identity as a Service redirect log in

1.       Log in to your Identity as a Service account.

2.      Go to your My Profile page if you are not already there.

3.      Under Applications, click Druva SAML.

4.      Respond to the second-factor authentication challenge. If you respond successfully, you are logged in to Druva Console Home page.