SAML integration

This integration uses the standard SAML 2.0 protocol. SAML 2.0 (Security Assertion Markup Language 2.0) is an open standard for exchanging authentication and authorization data to enable single sign-on (SSO) for users.

With the SAML integration, you can connect your identity provider (IdP) solution with ‚ÄčAkamai MFA‚Äč providing the user with two-step authentication. First, the user needs to confirm their identity with your IdP system, for example, using their username and password. Next, the user has to confirm that the login is legitimate using one of the ‚ÄčAkamai MFA‚Äč second factors.

Supported enrollment types:

  • Email enrollment
  • In-line enrollment

Supported secondary authentication methods:

  • Clientless push
  • Email or SMS OTP
  • Hardware token
  • Phone call
  • Phone security key
  • Push notification
  • Push TOTP
  • WebAuthn/FIDO2 security key

Follow this procedure to generate the security components to create a custom SAML integration.

  1. Configure your ‚ÄčAkamai MFA‚Äč integration and generate your integration credentials and certificate:
    a. In the Enterprise Center navigation menu, select Multi-factor Authentication > Integrations.
    b. Click Add Integration (+).
    c. In Integration Type, select SAML.
    d. In Name, enter a unique integration name.
    e. Click Save and Deploy.
    You‚Äôve just generated your Issuer URI, SSO URL, and Certificate. This data will be available for you on the integration page. Your MFA credentials can be copied anytime and used to integrate ‚ÄčAkamai MFA‚Äč with your SAML application.

  2. In your identity management solution, enter the ‚ÄčAkamai MFA‚Äč Issuer URI, SSO URL, and Certificate that you generated in the previous step.
    This lets you generate your IdP SAML metadata containing the Certificate and the Assertion Consumer Service URL.

  3. Save your IdP metadata to your computer.

  4. To enable communication between your IdP and ‚ÄčAkamai MFA‚Äč, enter your IdP integration metadata in ‚ÄčAkamai‚Äč Enterprise Center.
    a. In the Enterprise Center navigation menu, select Multi-factor Authentication > Integrations.
    b. Navigate to your SAML integration.
    c. In SAML SP Settings, click Provision.
    d. In the Upload SAML Metadata dialog, click the Metadata icon and select the metadata.xml file that you previously downloaded by clicking Open. When the metadata displays in Metadata Content, click Upload to confirm.

    The uploaded metadata appears in the SAML SP Settings section.

You've just configured a SAML integration between your identity solution and ‚ÄčAkamai MFA‚Äč.