Self-Service Federation

Register your organization for the Federated Single Sign On (SSO) using the self-service application. The registration wizard guides you through the process.

Access Self-Service Federation

  1. Log into the Equinix Customer Portal (https://customerportal.equinix.com/), then from the Administration menu, click Account & Security Management.

    The security management page appears.

  2. Click Federated Single Sign-On.

Note:

This guide is also available within the Self Service application. Click the Support tab next to Home. Click Equinix Federation Customer Guide to see the user guide.

Registering for Self Service Federation

As a master administrator of your organization, you must register for federated single sign-on and give your information.

  1. After selecting the Single Sign-On card, the Federation Registration page appears containing instructions that explain the set-up process.

    Important: This page contains a link to download Equinix SAML metadata. Carefully read the instructions before continuing.

    Click Next.

  2. On the Metadata Details page, provide the metadata information in one of two ways:

    1. Upload your SAML file.

      Note: Uploading your SAML file automatically enters the required information.

      The Entity ID, SSO URL, and Identity Location fields are disabled and you won't be able to edit them.

      To change these fields, click Discard, then import a new SAML file, or enter the information manually.

      Important: Equinix requires a user email address in the SAML response. All other attributes will be ignored.

      – or –

    2. Manually enter your information:
      • Customer Prefix - Enter a unique prefix for your registration.

        This prefix is used to create a unique federation URL for your organization.

        For example, the prefix xyz means your federation URL will be https://xyzcustomerportal.equinix.com.

      • Entity ID - Enter the entity ID for your organization.
      • Single-Sign-On URL - Enter the IDP URL where Equinix will Post the SAML Request.

      • Identity Location - This is the attribute that holds the unique attribute identifying a user, such as email address.

        Select one:

        • Default Name Identifier - Choose this option if the default user email attribute will be sent in the Default Name ID as shown in the response.
        • Custom Name Identifier - Choose this option if the default user email attribute will be sent in any other attribute than the Default Name ID as shown in the response.

    After choosing one of these options, click Next.

  3. The Technical Contact page appears. This tells us who is the point of contact between your organization and Equinix. For Point of Contact, select External or Internal.

    • Internal (Default) – To add a user as the point of contact who is already on-boarded with Equinix, select a name from the list of users. You can Search if the list is long.

    • External – To add a user as the point of contact who is not on-boarded with Equinix, enter the first name, last name, email address and phone number.

      Note: Typically, the Identity Administrator from your organization is not on-boarded with Equinix.

    Click Next.

  4. The Certificate Upload page appears.

    • If your certificate is provided as a part of your SAML metadata, then you don't need to upload it again.

    • If your certificate is not part of the SAML data, then upload it here.

      Note: Equinix will use this certificate to validate the authenticity of the SAML requests that are originating from your organization.

      The certificate end date is validated, and expired certificates are not accepted.

      Click Submit.

  5. The Federation Details page appears showing the provision status as Submitted.

    Note: For more details about the provisioning statuses, check the information about various statuses that you might see during the process.

    To clear any updates, click Discard.

    To accept any updates, click Submit Changes.

    When the status is Approved, you won't be able to update the form.

    Federation statuses:

    • SUBMITTED – The application registration request has been submitted and is being reviewed by Equinix Administrator.
    • AWAITING RESPONSE – The Equinix Administrator needs additional information to process your request.
    • IN-PROGRESS – Provisioning is in progress.
    • PROVISIONED – The application is provisioned in all systems.
    • COMPLETED – The application is tested by the customer and the request is closed.
  6. The Equinix administrator will review your submitted information and will contact you if further information is required. You can see the comments entered by the administrator on your request page.

    During this process, you will receive emails updating you on the progress.

  7. When the Federated SSO configuration is complete, look for the email that validates the federation URLs created for your organization.

  8. Revisit the self-service federation application request page to validate the generated urls.

  9. To complete the request, check the box that confirms you have validated the URLS and they are working. This updates the status of the request to COMPLETED.

    Note: In case any or all these URLs don't work, please reach out to your Equinix point of contact to resolve the issue.

    When your organization is successfully on-boarded, you can use the request page to upload a new certificate or change point-of-contact information.

    1. To upload a new certificate, from the List of Certificates tab, click Upload Certificate.

    2. To update the point of contact, from the Technical Contact tab, click Change Point of Contact.