Rublon

Secure Remote Access

By

Last updated on October 16, 2024

Overview

The purpose of this document is to enable Rublon Two-Factor Authentication (2FA) for users logging in to Aha!. You have to use Rublon Access Gateway to achieve that. All required steps will be described in this document.

Supported Authentication Methods

Authentication Method Supported Comments
Mobile Push N/A
WebAuthn/U2F Security Key N/A
Passcode N/A
SMS Passcode N/A
SMS Link N/A
Phone Call N/A
QR Code N/A
Email Link N/A
YubiKey OTP Security Key N/A

Before you start

You need to install and configure Rublon Access Gateway itself before configuring Aha! to work with it. Please read the Rublon Access Gateway documentation and follow the steps in Installation and Configuration sections. Afterwards, follow the Configuration section in this document.

Configuration

Follow these steps to enable Rublon 2FA in Aha!.

Aha!

1. Log in to Aha!.

2. Go to Settings → Account.

3. Click Security and single sign-on in the Set Security settings section.

4. Select SAML 2.0 in the Identity provider dropdown. A form will appear.

5. Enter a name for your Identity Provider, e.g. Rublon Access Gateway.

6. Select Metadata URL in Configure using.

7. In the Metadata URL field, enter the value of Entity ID from Rublon Access Gateway (Applications → Information for configuring applications with Rublon Access Gateway).

8. All required fields will be filled in automatically. Ensure Certificate fingerprint algorithm is set to SHA256.

9. Click Enable. Your configuration will be updated.

Two other Configure using options exist. You can select the following options instead of Metadata URL:

Metadata file:

  1. Download the metadata file from Applications → Information for configuring applications with Rublon Access Gateway → DOWNLOAD METADATA.
  2. Upload this metadata file in the Metadata file field in the SAML 2.0 Configuration form in Aha!.
  3. Ensure that Certificate fingerprint algorithm is set to SHA256.
  4. Click Enable.

Manual settings:

  1. In Single sign-on endpoint, enter the value of SSO URL from Rublon Access Gateway (Applications → Information for configuring applications with Rublon Access Gateway).
  2. In Certificate fingerprint, enter the fingerprint of the certificate (not the entire certificate) from Rublon Access Gateway (Applications → Information for configuring applications with Rublon Access Gateway → Fingerprint).
  3. Ensure that Certificate fingerprint algorithm is set to SHA256.
  4. Click Enable.

10. Go to Settings →  Account → Users.

11. Click the name of the user who will be using Rublon 2FA.

12. An Edit User window will appear. Set Identity provider to Rublon Access Gateway (or any other name you set for your identity provider in Step 5).

13. Click Save to save the changes and enable Rublon 2FA for that user.

Rublon Access Gateway

1. In Rublon Access Gateway, go to Applications → Add application.

2. Fill in the form and click SAVE to add a new application. Refer to the following image and table.

Application nameEnter a name for the application, e.g. Aha. The name will be displayed during Rublon 2FA.
Entity IDhttps://examplecompany.aha.io/

Note: Replace examplecompany with the name of your company.
Assertion Consumer Servicehttps://examplecompany.aha.io/auth/saml/callback

Note: Replace examplecompany with the name of your company.
Single Logout Servicehttps://examplecompany.aha.io/session/logout

Note: Replace examplecompany with the name of your company.
NameID formaturn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
NameID attributemail
Send AttributesNameID
Signature algorithmsha-256
Validate AuthnRequestUncheck.
Sign responseCheck.
Certificate for signingSelect the certificate you have downloaded from Applications → Information for configuring applications with Rublon Access Gateway → DOWNLOAD CERTIFICATE.

3. Your configuration is now complete. You can log in to Aha! with Rublon 2FA.

Log in to Aha! with Rublon 2FA

1. Enter the address of your Aha! workspace in your browser. For example, if your workspace is called example, go to: https://example.aha.io/.

2. Click Log In.

3. You will be redirected to Rublon Access Gateway login page.

4. Provide your username and password. Click SIGN IN. A window will appear with a selection of various 2FA options from Rublon. Let’s choose Mobile Push.

5. You will be sent a push notification. Tap APPROVE.

6. You will be successfully logged in to Aha!.

Troubleshooting

If you encounter any issues with your Rublon integration, please contact Rublon Support.

Related Posts

Rublon Access Gateway

Rublon Access Gateway – Integrations