Deploy a web SAML Application

To not disrupt existing access to critical web applications, we recommend that you deploy a non-production application or an application that will have minimal impact on your users.

There are numerous applications you can deploy. The steps for adding a web SAML application in the Admin Portal are the same for all applications. After you add the application, you then configure it for SSO using the web application directly; these instructions can vary widely for each application. This getting started article provides generic information for SAML application configurations and specific instructions for configuring:

  • Salesforce
  • Workday

Add web applications in the Admin Portal

Before you configure any web applications for SSO, you need the following:

  • An active account for the application with administrator rights for your organization.
  • A signed certificate.

    You can either download one from the Admin Portal or use your organization’s trusted certificate.

You now must make configuration changes from the application itself using your application administrator credentials.

Generic SAML application configurations

At the most basic level, configuring SSO for SAML applications mean providing the necessary information for the application and CyberArk Identity to communicate. The specific information and configuration field names may vary for each application, but you can typically find the necessary information on the Trust page in the Admin Portal (Apps > Web Apps > specific SAML application > Trust).

It is helpful to open the web application and the Admin Portal simultaneously to copy and paste settings between the two browser windows.

Instructions for configuring the specific SAML applications follow.

Configure Salesforce

This article provides instructions for SSO access to Salesforce from the User Portal.

Back to top

Configure Workday

This article provides instructions for SSO access to Workday from the User Portal.