To successfully connect SPS to the inWebo endpoints, the following is required:
- A valid inWebo subscription that permits multi-factor authentication.
- Users must be enrolled in inWebo and their access must be activated.
- A valid inWebo API token.
- Users must install the inWebo Mobile app.
- One Identity Safeguard for Privileged Sessions appliance (virtual or physical), at least version SPS 5.11.0.
- A copy of the SPS inWebo Multi-Factor Authentication plugin.
- SPS must be able to access the Internet (at least the services on api.myinwebo.com).
The connection also requires the Service ID that is displayed on the inWebo Administration interface under the Service Users tab.
- Add users to your inWebo account.
For details on adding or importing your users, see the inWebo User guide.
- Enable Multi-Factor (MFA).
For details, see the inWebo Authentication API guide.
- Create an API token.
Navigate to Admin | API | Tokens
Click Create Token and save it.
- Download the SPS inWebo plugin.
The inWebo plugin can be download from here.
- Upload the plugin to SPS.
- Configure the plugin on SPS.
The plugin includes a default configuration file, which is an ini-style configuration file with sections and name=value pairs.
Navigate to Policies | AA Plugin Configurations page of the SPS web interface.
- Configure a connection policy and test it.
In the AA plugin field of the Connection policy, select the SPS inWebo plugin you configured in the previous step, then start a session to test it.