Adobe Single Sign On Configuration with Rapid Identity

Search
Enterprise

Enterprise

Admin Console

Applies to enterprise.

Adobe Single Sign On Configuration with Rapid Identity

Overview

The Adobe Admin Console allows a system administrator to configure domains which are used for login via Federated ID for Single Sign-On (SSO). Once the domain is verified, the directory containing the domain is configured to allow users to log in to Creative Cloud. Users can log in using email addresses within that domain via an Identity Provider (IdP). The process is provisioned either as a software service which runs within the company network and is accessible from the Internet or a cloud service hosted by a third party that allows for the verification of user login details via secure communication using the SAML protocol.

One such IdP is Rapid Identity. To use Rapid Identity, you need a server that is accessible from the Internet and has access to the directory services within the corporate network. This document describes the process to configure the Admin One Console and a Rapid Identity server to log in to Adobe Creative Cloud applications and associated websites for Single Sign-On.

Prerequisites

Before configuring a domain for single sign-on using Rapid Identity, ensure that the following requirements are met:

  • The server is accessible from user workstations (for example, via HTTPS)
  • All Active Directory accounts to be associated with a Creative Cloud for Enterprise account have an email address listed within Active Directory.

Configure single sign-on using Rapid Identity

To configure single sign-on for your domain, do the following:

  1. Sign in to the Admin Console and start with creating a Federated ID directory, selecting Other SAML Providers as the identity provider. Download the Adobe metadata file from the Add SAML Profile screen.
  2. Configure Rapid Identity, upload the Adobe metadata file, and download the IdP metadata file from Rapid Identity.
  3. Return to the Adobe Admin Console and upload the IdP metadata file in the Add SAML Profile screen and click Done.

Configure Rapid Identity

To set up SSO with Rapid Identity, do the following:

  1. Log in to Rapid Identity as an Administrator and select 'IDP Configuration' option under 'Configuration'.

  2. Click the 'Register New Service provider' menu.

  3. Provide a name to the Service provider and paste the Adobe metadata file content. 

  4. Set the configuration in 'SSO Advanced Settings' and  'ECP Advanced Settings'.

  5. Go to Edit IDP Attributes section and add the attribute for FirstName, LastName, and Email.

    IDP attributes

  6. Go to Name ID Attributes and add the attribute.

  7. Click Save.

Upload IdP metadata file to Adobe Admin Console

To update the latest certificate to the Adobe Admin Console, return to the Adobe Admin Console. Upload the certificate downloaded from Rapid Identity, to the Add SAML profile screen and click Done.

Test your setup

Check the user access for a user who you have defined in your own identity management system and in the Adobe Admin Console, by logging in to the Adobe website or the Creative Cloud desktop app.

If you encounter problems, see our troubleshooting document.

If you need assistance with your single sign-on configuration, navigate to Adobe Admin Console > Support to contact us.

Additional information

Note:

If you modify the portal, ensure that you click the 'Trigger Service Reload' and the 'Trigger Web Reload' options after modifying. Otherwise, the changes made on the portal are not effective.

Get help faster and easier

New user?

Quick links

View all your plans Manage your plans
View quick links
Hide quick links

Legal Notices    |    Online Privacy Policy