Syncplicity

Before You Begin

Introduction

This document describes how to configure Oracle Identity Cloud Service to provide Single Sign-On (SSO) for Syncplicity using SAML.

About Syncplicity

Syncplicity is a flexible, scalable, and a secure way to share and sync files for any size business.

After integrating Syncplicity with Oracle Identity Cloud Service:

  • Users can access Syncplicity using their Oracle Identity Cloud Service login credentials.
  • Users can start Syncplicity using the Oracle Identity Cloud Service My Apps console.
  • Admins can assign and revoke user access to the Syncplicity app using the Oracle Identity Cloud Service administration console.

What Do You Need?

  • An Oracle Identity Cloud Service account with authorization rights to manage apps and users (Identity Domain Administrator or Application Administrator).
  • A Syncplicity account with authorization rights to configure federated authentication.
  • Make sure that the email ID of each user in Syncplicity matches the primary email ID of the Oracle Identity Cloud Service account.
  • An Oracle Identity Cloud Service certificate.
  • A service provider signing certificate from the service provider support. Tip: Use this signing certificate later during the Syncplicity registration in the "Registering and Activating the Syncplicity App" section.

Obtaining the Certificate and Saving in PEM Format

Use this section to convert the X509 Certificate value into a format that is suitable for Oracle Identity Cloud Service.

  1. Use the following URL to access the metadata: https://<IDCS-Service-Instance>.identity.oraclecloud.com/fed/v1/metadata.

  2. In the metadata file, locate the md:IDPSSODescriptor tag.

  3. Copy the content between the dsig:X509Certificate tags into a text file. This content is the Oracle Identity Cloud Service Certificate.

    Image img1.png displays the metadata content with md:IDPSSODescriptor and dsig:X509Certificate tags highlighted.

  4. Add -----BEGIN CERTIFICATE----- at the beginning of the content.

  5. Add -----END CERTIFICATE----- at the end of the content.

    Image img2.png displays the notepad with the certificate content highlighted.

  6. Save the file with an extension of .pem.

    Tip: Use this content later during the Syncplicity configuration in the "Configuring SSO for Syncplicity" section.

Configuring SSO for Syncplicity

  1. Access Syncplicity as an administrator using the login URL: https://my.syncplicity.com/Login.aspx. The Syncplicity home page appears.

  2. In the header menu, click Admin, and then select Settings from the submenu. The Manage Settings page appears.

  3. In the Account Configuration section, click Custom domain and single sign-on. The Configure Authentication Settings page appears.

  4. Use the table to update the federated authentication attributes, and then click Save changes.

    This table lists the mandatory federated authentication attributes that you must set to complete the SSO configuration.
    Attribute Value
    Custom Domain Enter your domain name. Tip: Use this domain name later in the "Registering and Activating the Syncplicity App" section.
    Single Sign-On Status Select Enabled to establish SSO connection.
    Entity Id Enter https://<Domain_Name>.syncplicity.com. Note: The domain name is the name you have entered as Custom Domain.
    Sign-in page URL Enter the Sign-in URL/SSO Endpoint: https://<IDCS-Service-Instance>.identity.oraclecloud.com/fed/v1/idp/sso.
    Identity Provider Certificate Upload the certificate that you previously obtained. See the "Obtaining the Certificate and Saving in PEM Format" section.

Creating Syncplicity Accounts for Users

  1. In the header menu, click Admin, and then select User Accounts from the submenu. The Manage Users page appears.

  2. Click Add a User. The Add and Configure New Users page appears.

  3. Enter the Email Addresses of the users seperated by a comma, select a Role from the drop-down list, and then click Next.

  4. In the Group Memebership step, click Next. The Syncplicity Folders step appears.

  5. Select the folders you like to place under Syncplicity's control on users' computers. A success message stating that the user accounts are created successfully is displayed.

  6. Click View and edit existing users. The Manage Users page appears.

  7. Click the newly created user. The Personal Information page of the user appears.

  8. In the right navigation menu, locate the Tasks section, and then click Activate Account. The User Account Activation dialog box appears.

  9. Enter the First Name, Last Name, Password, Confirm Password fields of the user, and then click Activate Account. A success message stating that the account is activated is displayed.

    Note: Enabling SSO deactivates the ability to log in using Syncplicity user name and password directly on the app. Remain logged in to the Syncplicity session until you complete the next section to verify that Identity Provider initiated SSO from Oracle Identity Cloud Service works.

Configuring the Syncplicity App in Oracle Identity Cloud Service

Use this section to register and activate the Syncplicity app, and then assign users to the app.

Registering and Activating the Syncplicity App

  1. Access the Oracle Identity Cloud Service administration console, select Applications, and then click Add.

  2. Click App Catalog.

  3. Search for Syncplicity, and then click Add.

  4. In the App Details section, enter your Syncplicity Domain Name, and then click Next.

    Note: This is the Domain Name value that you have entered as Custom Domain in the "Configuring SSO for Syncplicity" section.

  5. Expand the General Settings section, and then upload the signing certificate of the service provider.

  6. Click Finish. Oracle Identity Cloud Service displays a confirmation message.

  7. Click Activate, and then click Activate Application. The Oracle Identity Cloud Service displays a confirmation message.

Assigning Users to the Syncplicity App

  1. On the Syncplicity app page in Oracle Identity Cloud Service, select Users, and then click Assign. The Assign Users window appears.

  2. Select users that you want to assign to Syncplicity, and then click OK. Oracle Identity Cloud Service displays a confirmation message stating that the Syncplicity app is assigned to the users that you selected.

Verifying the Integration

Use this section to verify that SSO works when initiated from Syncplicity (SP Initiated SSO).

Verifying Service Provider Initiated SSO from Syncplicity

  1. Access Syncplicity using the login URL: https://my.syncplicity.com/Login.aspx. The login page appears.

  2. Enter the email address and click Next. You are redirected to the Oracle Identity Cloud Service login page.

  3. Log in using credentials for a user that is assigned to the Syncplicity app. The Syncplicity home page appears.

  4. In the upper-right corner, confirm that the user that is logged in is the same for both Syncplicity and Oracle Identity Cloud Service.

    This confirms that SSO that is initiated from Syncplicity works.

Troubleshooting

Use this section to locate solutions to common integration issues.

Known Issues

Syncplicity displays the message, "Login Error"

Cause: The email attribute sent by Oracle Identity Cloud Service during SSO doesn't match any existing user in Syncplicity.

Solution: Ensure that the user that you assign to the Syncplicity app has an account in both Oracle Identity Cloud Service and Syncplicity with the same email address.

Oracle Identity Cloud Service displays the message, "You are not authorized to access the app. Contact your system administrator."

Cause 1: The SAML 2.0 integration between the Oracle Identity Cloud Service Syncplicity app and Syncplicity is deactivated.

Solution 1:

  • Access the Oracle Identity Cloud Service administration console, select Applications, and then select Syncplicity.
  • In the App Details section, click Activate, and then click Activate Application. Oracle Identity Cloud Service displays a confirmation message.

Cause 2: The administrator revokes access for the user at the same time that the user tries to access the Syncplicity app using Oracle Identity Cloud Service.

Solution 2:

  • Access the Oracle Identity Cloud Service administration console, select Applications, and then select Syncplicity.
  • In the App Details section, select Users, and then click Assign to re-assign the user.

Unknown Issues

For unknown issues, contact Oracle Support:

  1. Go to https://support.oracle.com.

  2. Select Cloud Support, and then sign in with your support credentials.

  3. In the Cloud Dashboard, confirm that there are no planned outages in Oracle Identity Cloud Service, and then click Create Service Request.

  4. Select Oracle Identity Cloud Service as the service type.

  5. Complete your service request.