Integrate Wrike with Zero Trust Network Access

In this topic, you will find general instructions on how to integrate Wrike with Portnox™ Zero Trust Network Access using the conditional access method.

Note: SAML SSO integration is available in Wrike in the Enterprise and Pinnacle plans. It is not available in the Free, Team, or Business plan.

Create a Portnox Cloud application configuration

In this step, you will create a configuration in Portnox Cloud that will contain all the information necessary to integrate with Wrike.

  1. In a new tab of your browser, open your Portnox Cloud account by accessing the following URL: https://clear.portnox.com/

    From now on, we will call this tab the Portnox tab.

  2. In the Cloud portal top menu, click on the Zero Trust Resources option.

  3. On the Resources screen, click on the Create resource button.

    1. In the What type of resource is this? section, select the SSO web resource option.
    2. In the Authentication protocol section, select the SAML option.
    3. Click on the Next button.

  4. Optional: If you have more than one SAML identity provider configured, select the identity provider in the Select an identity provider to use for this resource section.
  5. In the Resource details section, enter a Resource name and optionally a Description.

    In this example, we used the name Wrike for the new application configuration but you can use any name you like.

  6. Keep this browser tab open. You will need it later.

Open your Wrike single SAML SSO settings

In this section, you will access your Wrike SAML SSO settings pane.

  1. In another tab of your browser, open Wrike and log in to your workspace.

    From now on, we will call this tab the Wrike tab.

  2. In the top-left corner, click on your user icon to open the menu, and then select the Settings option.

  3. In the Settings pane, in the left-hand side menu, click on the Account management > Security option, scroll the right-hand side pane down to the SAML SSO section, and then click on the Setup SAML SSO button.

    Important: Before you begin setting up SAML SSO, you need to make sure that you have a verified company domain added to Wrike. This will allow all users with emails in the company domain to be authenticated using Zero Trust Network Access.

  4. In the first step of the SAML SSO Setup wizard, select the Other option, and then click on the Next button.

  5. In the second step of the SAML SSO Setup wizard, click on the Next button.

Copy configuration values from the Portnox tab to the Wrike tab

In this section, you will copy the values displayed by Portnox Cloud and paste them in the relevant fields in the Wrike SAML SSO setup section.

  1. In the Portnox tab, in the SAML metadata section, click on the  ⧉  icon next to the text field to copy the value.

  2. In the Wrike tab, in the third step of the SAML SSO Setup wizard, click on the Use URL to provide XML option, and in the field below, paste the metadata URL copied from Portnox Cloud. Then, click on the Next button.

Enter configuration values in the Portnox tab

In this section, you will enter configuration values in the relevant fields in Portnox Cloud.

  1. In the Portnox tab, in the Resource properties section, click on the empty field under the Entity ID / Service Provider Entity URL heading and enter the following value: https://www.wrike.com.

  2. In the Portnox tab, in the Resource properties section, click on the empty field under the Assertion Consumer Service (ACS) URL / Reply URL heading and enter the following value: https://login.wrike.com/saml/SSO.

Finalize the configuration

In this section, you will finalize the configuration in Portnox Cloud and Wrike.

  1. Finalize the configuration in the Portnox tab.
    1. Optional: In the Policy enforcement section, in the Device risk assessment section, change the setting to Override with custom policy and then select a risk assessment policy if you want to assess risk with this application using a custom risk assessment policy, and in the Access control section, change the setting to Override with custom policy and then select an access control policy if you want to control access to this application using a custom access control policy.
    2. Scroll all the way down to the end of the page, and then click on the Save and Close button.

  2. Finalize the configuration in the Wrike tab.
    1. In the fourth step of the SAML SSO Setup wizard, click on the Enable SAML settings button.

    2. In the fifth step of the SAML SSO Setup wizard, enter the code that you received via email, and then click on the Confirm button.

    3. In the sixth step of the SAML SSO Setup wizard, follow the instructions to test your configuration, and then click on the Save SAML Settings button.

    4. In the SAML SSO section, change the setting of the Enforce login via SAML SSO for field to Users with approved domains only.

      Note: For security reasons, we recommend that you add an administrative user from an external domain, which would only be used to log in to Wrike and change settings in the unlikely event of issues with SAML SSO.

Result: You have configured Wrike to be accessible using Portnox Zero Trust Network Access.