DocumentationRelease Notes
Log In
Documentation

Entrust IDaaS (SAML)

Suggest Edits

Entrust Identity as a Service (IDaaS) is a Cloud-based identity and access management (IAM) solution with multi-factor authentication (MFA), credential-based passwordless access, and single sign-on (SSO).

BeyondTrust Remote Support supercharges the service desk with secure access and support for any device, any system, from anywhere – including Windows, macOS, Linux, Android, & iOS.

This configuration guide covers a simple SAML Single Sign-On integration between Entrust IDaaS and BeyondTrust Remote Support.

Prerequisites

  • An instance of Entrust IDaaS with administrator privileges.
  • An instance of BeyondTrust Remote Support with administrator privileges.

Configure Entrust IDaaS

Create and edit the application

  1. In Entrust IDaaS, navigate to Add Application.
  2. Under Select an Application Template, search for SAML.
  3. Select the Generic SAML Application template to create the SRA Application.
  4. Enter a name and description for the application, and an application logo if desired.
  5. Under Enable Authentication Flow, check User login only.
  6. Click NEXT.
  7. Enter the ACS URL and Issuer ID URL appropriate for your instance of BeyondTrust. For example, https://myInstance.beyondtrustcloud.com/saml/sso and https://myInstance.beyondtrustcloud.com. This information is also displayed when the application is configured in Remote Support.
  8. Add SAML Attributes:
    • Email: <Email>
    • FirstName: <First Name>
    • Groups: TestGroup
    • LastName: <Last Name>
    • Username: <User ID>
  9. Click SUBMIT.
  10. Click ADD RESOURCE RULE.
  11. Select the Group to Add, to provide application access to its members.
  12. From the Applications List, click the download link to download the metadata file file.
  13. Continue the configuration in BeyondTrust Remote Support

Configure Remote Support

Once the app has been configured, follow these steps to add the provider to BeyondTrust Remote Support:

  1. Log in to Remote Support
  2. Navigate to Users & Security > Security Providers.
  3. Click +ADD.
  4. Select SAML For Representatives.
  5. Click UPLOAD IDENTITY PROVIDER METADATA to import the metadata file downloaded from IDaaS, which includes the signing certificate.
  6. The service provider information needed to configure the SAML application in IDaaS in available under Service Provider Settings.
  7. The default User Attribute Settings can be modified to match the application attributes, if necessary.
  8. Under Authorization Settings, a default group policy must be selected. Also, enter a name in Available Groups that matches the static value configured for the Groups attribute for IDaaS SAML Application.

Test the integration

On the Remote Support login page, select Use SAML Authentication under Authenticate Using.

You will be redirected to the IDaaS login page, where you can authenticate using an IDaaS User who is a member of the Authorization Group configured for the SAML Application.

You are then authenticated to Remote Support.

Under Users & Security, Users, the new user account has been provisioned via SAML.

Updated 5 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.