Millie SAML Single Sign-On (SSO) integration
This topic describes how to configure Millie for Single Sign-On (SSO) in CyberArk Identity using SAML.
SSO supported features
This application template supports the following features:
Just-in-time (JIT) provisioning
Before you begin
Create an account in the Millie application with administrator access.
Configure the Millie app template in the Identity Administration portal
Step 1: Add the Millie web app template
In the Identity Administration portal, select Apps & Widgets > Web Apps, then click Add Web Apps.
On the Search page, enter the application name in the Search field and click the search button.
Next to the application name, click Add.
On the Add Web App page, click Yes to confirm.
Click Close to exit the Application Catalog.
The application opens to the Settings page.
Step 2: Configure Trust settings
Go to the Trust settings.
In the Identity Provider Configuration section, select Metadata, then click Download Metadata File to download the IdP metadata. Send the file to
firstname.lastname@example.org. Later, this file will be uploaded to the Millie application.
In the Service Provider Configuration section, select Manual Configuration, enter the following SAML settings, and click Save after you finish.
Service provider settings Setting Description
SP Entity ID
Sign in to the Millie application as an administrator, copy the Metadata URL value, and paste it into this field. For example:
Assertion Consumer Service (ACS) URL
Copy the ACS URL value from the Millie application (Settings > Account Settings > Single sign-on) and paste it into this field. For example:
Step 3: Configure permissions to grant Millie users SSO access
Grant SSO access to Millie by assigning permissions to users, groups, or roles.
On the Permissions page, click Add.
Select the user(s), group(s), or role(s) that you want to grant permissions to, then click Add.
The added object appears on the Permissions page with View, Run, and Automatically Deploy permissions selected by default.
Select the permissions you want and click Save.
Default permissions automatically deploy the application to the User Portal if the Show in user app list option is selected on the Settings page. Do not select this option if you intend to use only SP-initiated SSO.
Change the permissions if you want to add additional control or if you prefer not to automatically deploy the application.
Step 4: Review and save
Review your settings to confirm your configuration. For example, you might want to verify that you selected the appropriate users, groups, or roles on the Permissions page. Click Save when you are satisfied.
Configure Millie for SAML SSO
Perform these steps in Millie to configure the Millie application template for SSO.
Sign in to the Millie application as an administrator.
Go to Settings > Account Settings > Single sign-on.
Upload the IdP metadata file you sent to
Click Save SSO.
Test the Millie SSO configuration
Now that you have finished configuring the application template settings in the Identity Administration portal and Millie, Millie users can benefit from IdP- and SP-initiated SSO.
Sign in to CyberArk Identity with the user account you just added.
Click the Millie application tile to launch Millie in a new tab and automatically sign in.
Go to your Millie account sign-in page.
Enter your Millie Account ID and click Log in to your account with SSO.
You are redirected to the IdP for authentication. After successful authentication, you are redirected back to Millie, which displays the web interface.
See the Millie documentation for additional resources: