Code42

Before You Begin

Introduction

This document describes how to configure Oracle Identity Cloud Service to provide Single Sign-On (SSO) for Code42 using SAML.

About Code42

Code42 is an enterprise SaaS solution that protects end-user data with its CrashPlan backup software and services suite.

After integrating Code42 with Oracle Identity Cloud Service:

  • Users can access Code42 using their Oracle Identity Cloud Service login credentials.
  • Users can start Code42 using the Oracle Identity Cloud Service My Apps console.
  • Admins can assign and revoke user access to the Code42 app using the Oracle Identity Cloud Service administration console.

What Do You Need?

  • An Oracle Identity Cloud Service account with authorization rights to manage apps and users (Identity Domain Administrator or Application Administrator).
  • A Code42 account with authorization rights to configure federated authentication.
  • Make sure that the email ID of each user in Code42 matches the primary email ID of the Oracle Identity Cloud Service account.
  • Oracle Identity Cloud Service metadata hosted on a web-server on an unprotected endpoint. Tip: Use this endpoint URL to configure the application in the "Configuring SSO for Code42 App" section.

Configuring the Code42 App in Oracle Identity Cloud Service

Use this section to register and activate the Code42 app, and then assign users to the app.

Registering and Activating the Code42 App

  1. Access the Oracle Identity Cloud Service administration console, select Applications, and then click Add.

  2. Click App Catalog.

  3. Search for Code42, click Add, and then click Next.

  4. Click Download Identity Provider Metadata. Alternatively, you can use the following URL to access the metadata: <https://<IDCS-Service-Instance>.identity.oraclecloud.com/fed/v1/metadata>.

    Tip: Use this file later during the Code42 configuration in the "Configuring SSO for Code42" section.

  5. Click Finish. Oracle Identity Cloud Service displays a confirmation message.

  6. Click Activate, and then click Activate Application. Oracle Identity Cloud Service displays a confirmation message.

Assigning Users to the Code42 App

  1. On the Code42 app page in Oracle Identity Cloud Service, select Users, and then click Assign. The Assign Users window appears.

  2. Select users that you want to assign to Code42, and then click OK. Oracle Identity Cloud Service displays a confirmation message stating that the Code42 app is assigned to the users that you selected.

Configuring SSO for Code42

  1. Access Code42 as an administrator using the login URL: https://crashplan.com/console. The Code42 home page appears.

  2. In the left navigation menu, expand Settings, and then select Security from the drop-down list. The Security page appears.

  3. In the Identity Provider(s) section, click Add Identity Provider or Federation. The Identity Provider dialog box appears.

  4. Enter the Identity Provider metadata URL, click Continue, enter the Display name, and then click Save. The identity provider is added to the list.

    Note: The identity provider metadata URL is the endpoint URL of the web-server where the Oracle Identity Cloud Service metadata is hosted. See the "What Do You Need?" section.

  5. In the left navigation menu, click Organizations. The Organization Overview page appears.

  6. In the Organization Overview header, locate and then click the Add an organization icon. The Add an Organization dialog box appears.

  7. Enter the name of your organization, and then click Add. The organization is added to the list.

  8. Click the organization in the list, click the settings icon in the organization page, and then select Edit from the drop-down list. The Organization Settings dialog box appears.

  9. Click the Security tab in the Organization Settings dialog box, select SSO from the Select an authentication method drop-down list, select the identity provider from the Choose provider(s) field, and then click Save.

  10. Click the settings icon in the organization page, and then select Edit from the drop-down list. The Organization Settings dialog box appears.

  11. Locate Compliance Settings and click Activate. The Enable Single Sign-On confirmation message appears.

  12. Click OK. The Activate Compliance Settings dialog box appears.

  13. Locate and enter ACTIVATE in the text box below the statement If you are sure you want to activate Compliance Settings, type ACTIVATE and check the box below:, select the I understand this is permanent and irreversible check box, and then click Activate.

  14. On the Security page, locate the SSO Override section, and then add the email address of the users who are to be locally authenticated only.
    Enabling SSO deactivates the ability to log in using Code42 user name and password directly on the app if the user's email address is not added in SSO Override section on the Security page. Remain logged in to the Code42 session until you complete the next section to verify that Identity Provider initiated SSO from Oracle Identity Cloud Service works.

Verifying the Integration

Use this section to verify that SSO works when initiated from Code42 (SP Initiated SSO).

Verifying Service Provider Initiated SSO from Code42

  1. Access Code42 using the login URL: https://crashplan.com/console. The Code42 login page appears.

  2. Enter your email address, and then click Sign In. You are redirected to the Oracle Identity Cloud Service login page.

  3. Log in using credentials for a federated user that is assigned to the Code42 app. The Code42 home page appears.

  4. On the Code42 home page, confirm that the user that is logged in is the same for both Code42 and Oracle Identity Cloud Service.

    This confirms that SSO that is initiated from Code42 works.

Troubleshooting

Use this section to locate solutions to common integration issues.

Known Issues

Code42 displays the message, "Unable to sign in. Please check username and password."

Cause: The email attribute sent by Oracle Identity Cloud Service during SSO doesn't match any existing user in Code42.

Solution: Ensure that the user that you assign to the Code42 app has an account in both Oracle Identity Cloud Service and Code42 with the same email address.

Oracle Identity Cloud Service displays the message, "You are not authorized to access the app. Contact your system administrator."

Cause 1: The SAML 2.0 integration between the Oracle Identity Cloud Service Code42 app and Code42 is deactivated.

Solution 1:

  • Access the Oracle Identity Cloud Service administration console, select Applications, and then select Code42.
  • In the App Details section, click Activate, and then click Activate Application. Oracle Identity Cloud Service displays a confirmation message.

Cause 2: The administrator revokes access for the user at the same time that the user tries to access the Code42 app using Oracle Identity Cloud Service.

Solution 2:

  • Access the Oracle Identity Cloud Service administration console, select Applications, and then select Code42.
  • In the App Details section, select Users, and then click Assign to re-assign the user.

Unknown Issues

For unknown issues, contact Oracle Support:

  1. Go to https://support.oracle.com.

  2. Select Cloud Support, and then sign in with your support credentials.

  3. In the Cloud Dashboard, confirm that there are no planned outages in Oracle Identity Cloud Service, and then click Create Service Request.

  4. Select Oracle Identity Cloud Service as the service type.

  5. Complete your service request.