Skip to main content

HelloID

Ricoh myPrint SAML application setup
Introduction

This manual shows you how to set up HelloID as IDP for Ricoh myPrint, using the SAML protocol. The configuration takes place in HelloID and in Ricoh myPrint.

Requirements:

  • HelloID environment

  • Ricoh myPrint

Create or Import a Certificate

If there is no certificate yet, a certificate must be imported or created. This can be done in the HelloID Administrator Portal under Settings > Certificates. For this tutorial, we will use a self-signed certificate. Learn more about certificates here.

mceclip0.png
HelloID Application Setup
Add the Ricoh myPrint Application to HelloID

Create a new application in HelloID by navigating to Applications > Applications. Open the Application Catalog and search for "Ricoh myPrint". Find the SAML template, and click Add. Learn more about managing applications here.

mceclip1.png
General tab

On the General tab, fill the default login URL with the Ricoh myPrint URL.

Optionally, you may also add a description. Click Next.

mceclip2.png
Single Sign-on tab

On the Single Sign-On tab, perform the following steps:

  1. The Name ID format should be emailaddress, but can be changed. When you change this, you need to change it also in Ricoh myPrint.

  2. The Issuer should be your HelloID portal URL.

  3. The Endpoint/ACS URL is the endpoint provided by Ricoh myPrint. This will be the AssertionService URL of the specific Ricoh myPrint instance.

  4. The Binding is by default HTTP-POST. When you change this, you need to change it also in Ricoh myPrint.

  5. In the X509 Certificate dropdown, select the certificate that you created or imported previously.

  6. The Custom Digest method can be the default.

  7. The Custom signature method can be the default.

  8. Click Next.

mceclip3.png
Self service tab

On the Self Service tab, choose whether to automatically create a Self Service product, which makes the application requestable. This is optional. Click Next.

Finish tab

On the Finish tab, click Save to add the application to HelloID.

mceclip4.png
Application metadata

After saving the Ricoh myPrint application, click its Edit link on the applications overview. This will bring you to its properties page.

You now have two options to obtain the application metadata.

Static metadata (download)

You can simply click Download metadata at the right top of the screen and save the file to your local computer for later use in Ricoh myPrint.

mceclip5.png
Dynamic Metadata (URL)

You can copy the link address (something along the lines of https://enyoi.helloid.com/metadata/download?ApplicationGUID=e6e741f5-a469-4849-93f7-fe2e259a339f) and replace 'download' with 'index' to view the metadata.

mceclip2.png
Ricoh myPrint Configuration
Configuring Ricoh myPrint

After the Identity Provider has been configured, you can continue configuring Ricoh myPrint. To do so, follow the steps below:

Edit the Single Sign-On settings

Sign in to Ricoh myPrint using an account with admin rights

Go to the Single Sign-On settings

On the SAML 2.0 setting page, fill the fields as mentioned below.

1) Change the SP EntityID to the value of you environment (should be ending with /RicohmyPrint/SAML/Acs)

mceclip6.png

2) Change the IDP EntityID to the URL of your HelloID portal

3) Change the IDP Metadata location to the URL of the metadata of HelloID (as created from step "Dynamic Metadata URL" earlier.

4) Change the IDP Single SignOn URL to the SingleSignOnService URL which can be found in the metadata HelloID.

5) Change the IDP Single Logout URL to the logoff URL. (e.g. "https://<yourHelloIDURL>/authentication/signOff"

6) Fil the Attribute Mapping Configuration with the following values:

Identifier attribute

http://schema.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier

Name attribute

name

Email attribute

emailaddress

GivenName attribute

givenname

mceclip7.png

Click Save and Reset application

You have now successfully configured SSO for Ricoh myPrint in HelloID.

In this section: