Sentry SSO with Palo Alto
From Swivel Knowledgebase
Setup AuthControl Sentry Keys
Before you are able to create a Single Sign On configuration on Google.com, you will need to setup some Keys. Please see a separate article: HowToCreateKeysOnCmi. You will need the certificate you generate in a later section of this article. This can be retrieved from the View Keys menu option of Swivel AuthControl Sentry.
Setup SSO on Palo Alto
SAML IDENTITY PROVIDER SERVER PROFILE
Profile Name: Swivel_sentry (example)
Identity Provider Configuration
- Identity Provider ID : https://demo.swivelcloud.com/sentry/saml20endpoint
- Identity Provider Certificate :
- Identity Provider SSO URL : https://demo.swivelcloud.com/sentry/saml20endpoint
- Identity Provider SLO URL : https://demo.swivelcloud.com/sentry/singlelogout
- SAML HTTP Binding for SSO Requests to IDP : Select Redirect
- SAML HTTP Binding for SLO Requests to IDP : Select Redirect
Check : "Validate Identity Provider Certificate"
- Maximum Clock Skew (seconds) : 60