LiquidFiles

Before You Begin

Introduction

This document describes how to configure Oracle Identity Cloud Service to provide Single Sign-On (SSO) for LiquidFiles using SAML.

About LiquidFiles

LiquidFiles fulfills all needs of an organization to send, receive, and share files of any file size in and out of an environment.

After integrating LiquidFiles with Oracle Identity Cloud Service:

  • Users can access LiquidFiles using their Oracle Identity Cloud Service login credentials.
  • Users can start LiquidFiles using the Oracle Identity Cloud Service My Apps console.
  • Admins can assign and revoke user access to the LiquidFiles app using the Oracle Identity Cloud Service administration console.

What Do You Need?

  • An Oracle Identity Cloud Service account with authorization rights to manage apps and users (Identity Domain Administrator or Application Administrator).
  • A LiquidFiles account with authorization rights to configure federated authentication.
  • LiquidFiles URL obtained manually by hosting the application in the server. The application can be installed using the .ovf file received from LiquidFiles. Refer to https://man.liquidfiles.com/install/ for more information on installation. Use the manually obtained LiquidFiles URL later during LiquidFiles registration in the "Registering and Activating the LiquidFiles App" section.

Configuring the LiquidFiles App in Oracle Identity Cloud Service

Use this section to register and activate the LiquidFiles app, and then assign users to the app.

Registering and Activating the LiquidFiles App

  1. Access the Oracle Identity Cloud Service administration console, select Applications, and then click Add.

  2. Click App Catalog.

  3. Search for LiquidFiles, and then click Add.

  4. In the App Details section, enter your LiquidFiles Host Name, and then click Next.

    Note: This is the URL that you obtained in the "What do you Need" section. For instance, myliquidfilesdomain.mycompanyname.com.

  5. Click Download Signing Certificate.

    Tip: Convert this certificate to fingerprint format. See the "Converting Oracle Identity Cloud Services Certificate to Fingerprint Format" section.

  6. Click Finish. Oracle Identity Cloud Service displays a confirmation message.

  7. Click Activate, and then click Activate Application. The Oracle Identity Cloud Service displays a confirmation message.

Assigning Users to the LiquidFiles App

  1. On the LiquidFiles app page in Oracle Identity Cloud Service, select Users, and then click Assign. The Assign Users window appears.

  2. Select users that you want to assign to LiquidFiles, and then click OK. Oracle Identity Cloud Service displays a confirmation message stating that the LiquidFiles app is assigned to the users that you selected.

Converting Oracle Identity Cloud Services Certificate to Fingerprint Format

  1. Go to https://www.samltool.com/fingerprint.php, and then paste the certificate in the X.509 cert text box.

    Tip: This is the certificate that you downloaded during the LiquidFiles registration in the "Registering and Activating the LiquidFiles App"" section.

  2. Select SHA256 or SHA1 from the Algorithm drop-down list, and then click CALCULATE FINGERPRINT.

  3. Make note of the converted fingerprint in the Formatted Fingerprint text box.

NOTE: Ensure that the certificate fingerprint is in the XX:XX:XX... format. For instance, F3:99:2A:E7:45:00:55.... Use this fingerprint later during SSO configuration in the "Configuring SSO for LiquidFiles" section.

Configuring SSO for LiquidFiles

  1. Access LiquidFiles from the hosted machine as an administrator using the URL: https://<Host_Name>. The LiquidFiles home page appears.

  2. Click Admin in the header menu. The LiquidFiles Virtual Appliance page appears.

  3. Click Configuration, and then select Single Sign-On (SSO) from the drop-down list. The Single Sign-on configuration page appears.

  4. Use the table to update the federated authentication attributes, and then click Save.

    This table lists the mandatory federated authentication attributes that you must set to complete the SSO configuration.
    Attribute Value
    IdP Login URL Enter the Sign-in URL/SSO Endpoint: https://<IDCS-Service-Instance>.identity.oraclecloud.com/fed/v1/idp/sso.
    IdP Cert Fingerprint Paste the converted certificate that you obtained earlier in the "Converting Oracle Identity Cloud Services Certificate to Fingerprint Format" section.

    Note: LiquidFiles can be accessed by a user who is assigned to the LiquidFiles app in Oracle Identity Cloud Service, even if the user does not have a LiquidFiles account.

Verifying the Integration

Use this section to verify that SSO works when initiated from Oracle Identity Cloud Service (IdP Initiated SSO) and LiquidFiles (SP Initiated SSO).

Verifying Identity Provider Initiated SSO from Oracle Identity Cloud Service

  1. Access the Oracle Identity Cloud Service My Profile console using the URL: https://<IDCS-Service-Instance>.identity.oraclecloud.com/ui/v1/myconsole.

  2. Log in using credentials for a user that is assigned to the LiquidFiles app. Oracle Identity Cloud Service displays a shortcut to LiquidFiles under My Apps.

  3. Click LiquidFiles. The LiquidFiles home page appears.

  4. In the upper-right corner, confirm that the user that is logged in is the same for both LiquidFiles and Oracle Identity Cloud Service.

    This confirms that SSO that is initiated from Oracle Identity Cloud Service works.

Verifying Service Provider Initiated SSO from LiquidFiles

  1. Access LiquidFiles using the URL: https://<Host_Name>, and then click SSO Login in the login page. You are redirected to the Oracle Identity Cloud Service login page.

  2. Log in using credentials for a user that is assigned to the LiquidFiles app. The LiquidFiles home page appears.

  3. In the upper-right corner, confirm that the user that is logged in is the same for both LiquidFiles and Oracle Identity Cloud Service.

    This confirms that SSO that is initiated from LiquidFiles works.

Troubleshooting

Use this section to locate solutions to common integration issues.

Known Issues

Oracle Identity Cloud Service displays the message, "You are not authorized to access the app. Contact your system administrator."

Cause 1: The SAML 2.0 integration between the Oracle Identity Cloud Service LiquidFiles app and LiquidFiles is deactivated.

Solution 1:

  • Access the Oracle Identity Cloud Service administration console, select Applications, and then select LiquidFiles.
  • In the App Details section, click Activate, and then click Activate Application. Oracle Identity Cloud Service displays a confirmation message.

Cause 2: The administrator revokes access for the user at the same time that the user tries to access the LiquidFiles app using Oracle Identity Cloud Service.

Solution 2:

  • Access the Oracle Identity Cloud Service administration console, select Applications, and then select LiquidFiles.
  • In the App Details section, select Users, and then click Assign to re-assign the user.

Unknown Issues

For unknown issues, contact Oracle Support:

  1. Go to https://support.oracle.com.

  2. Select Cloud Support, and then sign in with your support credentials.

  3. In the Cloud Dashboard, confirm that there are no planned outages in Oracle Identity Cloud Service, and then click Create Service Request.

  4. Select Oracle Identity Cloud Service as the service type.

  5. Complete your service request.