This section describes the settings for using Unifinity with CloudGate UNO as an IdP (Identity Provider).
procedure
1. Creating a Service Provider
In the CloudGate UNO dashboard, click "Service Provider" and then select "Add Service Provider."
In the search box, type "ユニフィニティー," search, and click "Add" to add Unifinity as a Service Provider.
Click "Single Sign-On Settings" and set the Login URL in "Login URL" to the Login URL on the UniBaaS single sign-on configuration screen.
Download the SAML 2.0 Metadata from CloudGate UNO, open it in Notepad, select all of it, copy it to the clipboard, and paste it into the MetaData of the UniBaaS single sign-on configuration screen.
Sign-on URL / SAML endpoint URL / SSO URL: Set to https://unibaas.unifinity.app/partner/login/?partner_code={CompanyID}&mode=sso (replace {CompanyID} with the "Company Identifier" displayed in the UniBaaS management screen).
Issuer / Provider name / Entity ID: Set this to the Entity ID displayed on the UniBaaS SSO settings page.
Assertion Consumer Service (ACS) URL: Use the ACS URL provided in the UniBaaS SSO settings page.
Save the settings.
2. Mapping Information (CloudGate Side)
In the CloudGate UNO dashboard, click on "User" and then navigate to the "Custom Field" tab. From there, create a new custom field by setting both the Field ID and Field Name to UNIBAAS_GROUP, and select "SINGLE" as the value type. This custom field will be used for mapping group information in UniBaaS.
3. Mapping Information (UniBaaS Side)
In the UniBaaS Single Sign-On settings screen, enter GROUP in the Group Name Mapping Attribute field and DISPLAY_NAME in the User Mapping Attribute field. Once the values are entered, click "Register" to save the settings.
4. Assigning User Accounts
Once the Service Provider has been set up in CloudGate UNO, you will need to assign users to this Service Provider to allow them to use Single Sign-On (SSO) with UniBaaS. To do this, go to the "User" section in the CloudGate UNO dashboard.
If you are creating a new user, open the new user creation screen. For existing users, open the user’s profile in the editing screen. In the "Custom Fields" section, find the field labeled UNIBAAS_GROUP that you created earlier. Here, specify the name of the group in UniBaaS to which the user will belong. This step ensures that the user's group is correctly mapped when they log in through SSO.
Next, in the "Services" section, enable the newly added Service Provider by checking the corresponding checkbox. You will also need to enter the Account ID that the user will use in UniBaaS.
Once these settings are completed and saved, the user will be assigned to the Service Provider and able to log in to UniBaaS through CloudGate UNO using Single Sign-On.