This article will show you how to configure SAML for Cisco Umbrella in Teamstack.
Once this is done, your users will be able to access Cisco Umbrella in Teamstack via SAML and they will use Teamstack credentials when accessing Cisco Umbrella.
Features:
Cisco Umbrella (SP) initiated Single Sign-On
Teamstack (IdP) initiated Single Sign-On
Set up SSO via SAML for Cisco Umbrella
To set up SSO you first need to add a Cisco Umbrella app to Teamstack, assign it to yourself and then configure Cisco Umbrella SSO with the SAML metadata from Teamstack.
Step 1: Add Cisco Umbrella app to Teamstack
Go to your Applications in Teamstack.
Click on the "Add Application" button in the top right corner.
Search for "Cisco Umbrella" and click "Add".
Select this app to be a "SAML" app and enter your Cisco Umbrella account numbrer (If your account URL is https://dashboard.umbrella.com/o/XXX, enter XXX) and leave the "Relay State" input empty.
In Organization's Applications overview click on the newly created Cisco Umbrella app. You will see all the details about this app.
Click on "Users" and assign this app to yourself. You will need this in order to test whether SAML is working correctly for Cisco Umbrella.
Click on the "SAML Configurations" tab. On the right you will find the button "SAML Metadata". Download the file, you will need it during the SAML setup for Cisco Umbrella.
Step 2: Set up SAML in Cisco Umbrella
When you enable SSO in Cisco Umbrella, all users will have to log in via Teamstack. It will no longer be possible to use the original Cisco Umbrella password anymore. Upon enabling SAML in Cisco Umbrella, existing accounts will get notified about the change via email.
Log in to Cisco Umbrella with your administrator account.
From your dashboard select "Admin -> Authentication" from the sidebar and click on the "Enable SAML" button.
On the next page, select "Other" and click "NEXT".
Here you will have the option to download the Cisco Umbrella Metadata. However, you will not need to do that as we prepared everything for you. Click on "NEXT" to proceed.
Select "XML File Upload" and upload the Metadata file from the step 1.7
You can now click on "Test Configuration". This will redirect you through the SAML login process in Teamstack.
Your users can now log in via SAML either through their Teamstack dashboard or by going to the following URL: https://login.umbrella.com/sso