Contents x
    Configure Thick-Client applications
    • 23 May 2023
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Configure Thick-Client applications

    • Updated on 23 May 2023
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    The thick client applications, also known as Desktop applications, are installed on the user’s machine. 

    Cross identity supports SSO to thick client applications with the help of a thick client agent. It must be installed on the user’s machine to perform credential injection action into the login fields. 

    Configure a thick client-based application:

    1. Navigate to Applications from the menu. Click Add Application.
    2. In the AppStore pane, click Desktop to view thick client apps. Example- Putty.
    3. Select the application and it will take you to the Application Configuration page.
    4. Configure the application using the following:
    • Application Name: It is a pre-filled text field. The name can be edited as per requirement. 
    • Application Logo: Upload the application logo if you want to change the existing one. It supports PNG & JPEG formats.
    • Application SSO Executable: Enter the Application SSO Executable file.
    • Login ElementsSelect the determinants of login elements based on their type and value. Only an administrator can set element types:
      • Set by User: Attribute value set by the user while performing single sign-on to the application for the first time.
      • Set by Admin: The attribute value an Admin sets will be the same for all the users. (This option is used when all users use the same application service account.) 
      • Directory Attribute: Attribute value defined by the Active Directory.
    • Certificate to validate authentication request: Select the certificate to validate the authentication request.
    • Application SSO Executable: For CI to call the respective desktop application and perform SSO, we must set up the application in our system along with CID executables. The CI Extension will call these to open that specific application and pass the credentials to that application. 

      The below figure shows the different executables for applications like Putty, SAP, and Tiamo installed in the System to perform SSO. 

    1. Click Save. An "Application updated successfully" confirmation message is displayed.
    2. Click Close.

    Application Authorization

    An Administrator can authorize this application to respective users and roles.

    Authorize Role

    As an administrator, CI allows you to select specific roles authorized to access an application. 

    To authorize roles, perform the following steps: 

    1. Navigate to Application Authorization. The application authorization screen is displayed.
    2. Click Authorize Role > Add Role. The Add Role screen is displayed.
    3. Enter a Role Name in the search field.
    4. Select a role from the results and then click Add.
    5.  The added role is displayed on the screen.
      Information:
       Based on the role type, it allows the user to select either static or dynamic.

    Authorize Users

    As an administrator, CI allows only specific users to access the application. 

    To authorize users, perform the following steps: 

    1. Click Authorize Users > Add User.
    2. Enter a username in the search field.
    3. Select a user from the results and then click Add
    4. The added user is displayed on the screen. 
      Information:
      You can remove users from the Remove User tab.

    License

    This applies to the pay-per-use model, where the admins can assign a specific number of licenses for use in SSO. This prevents over-utilization of the application. 

    1. Navigate to License.
    2. Max. User Licenses: Enter the maximum number of licenses which can be issued to the application.
    3. Application License Price: Enter the price for each license to calculate the total cost and displayed it on the Consumption Dashboard. 
    4. Click Save.

    Password Sync

    Password Sync synchronizes new passwords with Cross Identity’s password vault. Whenever a user performs SSO to the application, they would not need to manually update the credentials vault. The new password will be synced directly to provide a seamless Single Sign On experience. 

    To enable password sync, follow the steps:

    1. Navigate to Password Sync.
    2. Check the box Enable password sync? to activate password sync.
    3. Click Save. A “Password sync setting updated successfully” confirmation message is displayed

    Provisioning

    You can associate a provisioning application with each Desktop SSO application to authorize users of the Provisioning Application to this SSO App.  

    If you have an owned account in the provisioning application, the SSO icon of the Thick-Client comes up on your SSO launchpad. 

    To associate the provisioning of an application: 

    1. Navigate to Provisioning.
    2. Select Associate, a provisioning application. Select the IGA application associated with the Provisioning Application from the drop-down list. 
    3. Click Save. A “Successfully associated provisioning application” confirmation message is displayed.  
    Was this article helpful?
    What's Next
    Products
    Resources
    Solutions
    Quick Links
    Connect With Us
    Sales and Support
    © Copyright 2023 Cross Identity