The purpose of this document is to provide instructions on how to configure and manage Jenkins to enable SAML integration.
1. Adding the SaaS application to Seqrite ZTNA
To add the SaaS application, follow these steps:
- Log into Seqrite ZTNA admin console.
- Navigate to the Applications section.
- Navigate to the SaaS Applications tab and click.
- To add Slack application click Browse SaaS Application Catalog.
- Click Add + of Jenkins application card.
- Enter the Application Name. Provide the Application Description and Logo, if any.
- Select the following checkboxes as appropriate to control access from managed laptops, desktops, or mobile devices.
- Allow access from registered Seqrite ZTNA-compliant devices:
Only users with registered Seqrite ZTNA-compliant devices (on which the Seqrite ZTNA agent is installed and active), including desktops and laptops, can access the applications. - Allow access from mSuite:
Mobile users are able to access applications only through the Workspace. To know more about accessing SaaS application through mSuite Workspace, see mSuite Documentation.
Note: iOS is not supported; iOS users can access applications outside the Workspace also.
- Allow access from registered Seqrite ZTNA-compliant devices:
- Click Add to add the application.
2. Configuring domain federation for Jenkins
To enable SAML Single Sign-On (SSO) in Jenkins and integrate it with miniOrange SAML 2.0, follow these steps:
- Log in to Jenkins with Admin Access.
- Click on the Dashboard, then navigate to Manage Jenkins.
- Under System Configuration Tab, locate the Plugins Folder on the Manage Jenkins page.
- Click on Available Plugins from the left-side menu of the Plugins Page.
- Search for "SAML Single Sign On (SSO)" and install the plugin. Restart Jenkins after installation.
After Jenkins restarts:
- Navigate to Dashboard > Manage Jenkins > Security.
- Click on Security Option.
- Under Authentication, select "miniOrange SAML 2.0" from the Security Realm, and click Save.
Go to Manage Jenkins > Under Security, click on miniOrange SAML SSO:
- Copy the SP Configuration details (SP Entity ID, ACS URL) from the miniOrange SAML page.
- Paste the relevant details into the Jenkins SaaS Application in Seqrite ZTNA Admin Console for ACS URL and Entity ID.
- Keep the External Address field in Jenkins SaaS Application the same as the Entity ID.
On the miniOrange SAML page, scroll down to find the IDP Configuration section for manual configuration.
- Copy the SAML Settings from the Jenkins SaaS Application in Seqrite ZTNA.
- Paste the copied settings into the corresponding fields in the miniOrange SAML page.
Note: Name ID Format cannot be changed. - Click Save after providing all the necessary details in the IDP Configuration.
- Click on the "Test Configuration" button below the IDP Configuration Details to check the SAML of Jenkins Application.
- Click on the provided link to see the results of the SAML, which redirects to Seqrite ZTNA User Portal for Authentication.
Note: Once miniOrange SAML 2.0 is added in the Jenkins Console, the Users Section will be removed. To manage users again, remove miniOrange SAML 2.0, which will restore the Users Section on the Security page. For additional actions related to users, refer to the Jenkins Help for installing the respective plugins.