Integration of Dropbox Business with DoubleClue using SAML

1. Introduction

This guide is intended for users of Dropbox Business who would like their team members to log into Dropbox Business via DoubleClue using SAML 2.0. For more information on this product, please visit https://www.dropbox.com/business.

Requirements:

  • Dropbox Business account with readily registered team members.
  • DoubleClue Enterprise Management (DCEM) installation with readily registered users matching team member emails.

2. Preparing DCEM to be an Identity Provider

In order to prepare DCEM to be an Identity Provider, please see chapter 12 of “DCEM_Manual_EN.pdf”.

3. Setting up Dropbox Business

  1. Log into your Dropbox Business account on https://www.dropbox.com/login .
  2. Go to “Admin Console” from the menu on the left.
  3. Go to “Settings” from the menu on the left.
  4. Go to “Single sign-on”.
  5. Choose “Optional” or “Required” from the dropdown menu on the top right corner.
  6. For “Identity provider sign-in URL”, copy the SSO Domain you entered during SAML setup (see chapter 12.1.3 of “DCEM_Manual_EN.pdf”) and add /dcem/samlto it.
  7. Repeat the process for “Identity provider sign-out URL”, but add /dcem/saml/logout.xhtml
  8. For “X.509 certificate”, upload the certificate file you downloaded during SAML setup (see chapter 12.1.4 of “DCEM_Manual_EN.pdf”).
  9. Click on “Save”.

DCEM is now registered as an Identity Provider for Dropbox Business.

4. Setting Dropbox Business as a Service Provider for DCEM

Option 1: Using the pre-set configuration

  1. In DCEM, go to main menu item “SAML”, sub menu “SP Metadata”.
  2. Click on “Add”.
  3. From the dropdown, choose “Dropbox” and click “Continue”.
  4. Click “OK”.

Option 2: Using a custom configuration

  1. In DCEM, go to main menu item “SAML”, sub menu “SP Metadata”.
  2. Click on “Add”.
  3. From the dropdown, choose “Custom” and click “Continue”.
  4. Enter a unique friendly name in “Display Name”, such as “Dropbox”.
  5. Go to the “Signing” tab and uncheck the box next to “Requests are Signed”.
  6. Go to the “Details” tab.
  7. Entity ID: Dropbox
  8. Assertion Consumer Service Location: “https://www.dropbox.com/saml_login”
  9. Expected NameID Format: EMAIL
  10. Click on “OK”.

Dropbox Business is now registered as a Service Provider for DCEM.