This article outlines the information and steps you need to take in order to configure Dropbox to use the Hypersocket SAML Identity Provider. Once configured your users will be redirected to your Hypersocket Server to authenticate.
Step 1 - Get the Unique Sign-in URL from Dropbox
Log into your Dropbox account as administrator and navigate to Admin->Authentication. Select Enable Single signon and expand the the text by pressing the More hyperlink to reveal your unique sign-in URL.
Take a copy of your signin URL, for example, https://www.dropbox.com/sso/123456789.
We will continue configuring Dropbox in Step 4.
Step 2 - Create the Resource from the Template
Log into your Hypersocket server as admin and navigate to Single Sign On -> SAML. Select Search Templates and select the Dropbox SAML template and click Next.
You will be asked for your Dropbox unique login URL number which you copied in Step 1, enter this here.
Click Next and you should be presented with this article. At this point click on the Goto Article link to open this article in a separate browser window so that you can return to the SAML list of resources where your Dropbox SAML resource should now be present.
Step 3 - Download SAML metadata
You will need a couple of things from your server in order to configure DropBox. First you will need to download the SAML metadata.
In the table of SAML resources locate the DropBox SAML resource, and click the options icon to activate the dropdown. Select Download Metadata; this is an XML file that contains information about the Identity Provider and its access points.
Next, navigate to Configuration->Certificates and locate the SAML RSA certificate. Again using the options icon to activate the dropdown, select Download Certificate
Before proceeding to the next step, open the XML file containing the metadata and locate the logon service URL. This is located towards the end of the document and will look like
Copy the entire URL as this will be entered into the DropBox settings.
Step 4 - Configure Dropbox
Once you have setup the SAML resource on your server you will now need to log into your DropBox account as Administrator so that you can configure the rest of the settings.
First, once logged in, navigate to Admin->Authentication the same location from where you retrieved the login URL in Step 1.
You have two options on how you wish to single sign-on to Dropbox, Optional and Required. Initially you should choose Optional to help you test everything since you can choose whether to use sso login or Dropbox login, once everything is working select Required.
Enter the logon service URL as identified in Step 3 into the sign-in URL.
Then upload the certificate crt file as downloaded in Step 3.
Step 5 - Final Checks
One final step before you start using your Dropbox resource, ensure that you have assigned some Roles to it so that its available for users to use.
In addition, each user's email address must match their Dropbox logon email as this is the primary link between accounts.
Once access is assigned log out of DropBox and then access Hypersocket as a user with the rights to use the new resource. In Browser Resources section under My Resources click the launch icon to access DropBox.
Step 6 - Enable Required Mode
If everything is working you can now set single signon to required in Dropbox under Admin->Authentication as shown below. All users will now have to use single sign on login using their AD account in Hypersocket SSO.