Skip to main content
McAfee Enterprise MVISION Cloud

Configure SAML Parties to Work Together

SAML authentication requires configuration in your identity provider, on the endpoints in your organization, and in Skyhigh CASB.

Configure your identity provider

For SAML authentication with WSGS, configure your identity provider to use this URL:

https://saml.wgcs.mcafee-cloud.com/saml

Because the cloud service consumes SAML assertions sent by the identity provider, this setting is known as the Assertion Consumer Service (ACS) URL.

Configure the endpoints

Deploy the default CA provided by Skyhigh Security to the endpoints.

For SAML authentication without IP range, IPsec, or GRE mapping, configure the browsers on the endpoints to

send web requests to port 8084, as follows:

c<customer_id>.wgcs.mcafee-cloud.com:8084

Configure Skyhigh CASB

Configuring SAML authentication for WSGS in Skyhigh CASB includes these overall tasks:

  1. Configure the SAML authentication settings during setup.
  2. (Optional) Add a SAML configuration to a location with IP range, IPsec, or GRE mapping configured.

Permissions

You need Administrator | Setup & Configuration permissions to access the Secure Web Gateway Setup UI and configure SAML authentication.

  • Was this article helpful?