Integrate Zoho with Conditional Access

In this topic, you will find general instructions on how to integrate Zoho with Portnox™ Conditional Access for Applications.

Create a Portnox Cloud application configuration

In this step, you will create a configuration in Portnox Cloud that will contain all the information necessary to integrate with Zoho.

  1. In a new tab of your browser, open your Portnox Cloud account by accessing the following URL: https://clear.portnox.com/

    From now on, we will call this tab the Portnox tab.

  2. In the Cloud portal top menu, click on the Applications option.

  3. On the Applications screen, click on the Add application button, and select the Add new SAML application option.

  4. Optional: If you have more than one SAML identity provider configured, select the identity provider in the Select an identity provider to use for this application section.
  5. In the Application details section, enter an Application name and optionally a Description.

    In this example, we used the name Zoho for the new application configuration but you can use any name you like.

  6. Keep this browser tab open. You will need it later.

Open your Zoho SAML authentication settings

In this section, you will access your Zoho SAML authentication settings page.

  1. In another tab of your browser, open your Zoho SAML Authentication page by accessing the following URL: https://accounts.zoho.eu/home#org/org_saml.

    From now on, we will call this tab the Zoho tab.

  2. Click on the Download Metadata button and save the metadata file to the local drive.

    You will need this metadata file later to copy the configuration values to the Portnox tab.

  3. Click on the Set up Now button.

Copy configuration values from the Portnox tab to the Zoho tab

In this section, you will copy the values displayed by Portnox Cloud and paste them in the relevant fields in the Zoho SAML authentication section.

  1. In the Portnox tab, in the Service details section, click on the  ⧉  icon next to the Sign-In URL / SSO URL field to copy the value.

  2. In the Zoho tab, click on the empty field under the Sign-in URL label and paste the value copied from Portnox Cloud.

  3. In the Portnox tab, in the Certificates > Signing certificates section, click on the  ⋮  icon next to the Active certificate and select the Download certificate option to download the certificate to the local drive.

  4. In the Zoho tab, click on the  ↥  icon next to the X.509 Certificate field and upload the downloaded certificate file.

Copy the configuration values from the metadata file to the Portnox tab

In this section, you will copy the configuration values stored in the downloaded metadata file and paste them in the relevant fields in Portnox Cloud.

  1. Open the Zoho metadata file downloaded earlier (zohometadata.xml) in a browser.

    For example, in Windows, simply double click on the downloaded file.

  2. In the metadata content, find the <md:EntityDescriptor> element and its entityID attribute, and then copy its value (without the quotes) using your operating system’s copy shortcut.

  3. In the Portnox tab, in the Application properties section, click on the empty field under the Entity ID / Service Provider Entity URL heading and paste the copied value.

  4. In the metadata content, find the <md:AssertionConsumerService> element and its Location attribute, and then copy its value (without the quotes).

  5. In the Portnox tab, in the Application properties section, click on the empty field under the Assertion Consumer Service (ACS) URL / Reply URL heading and paste the copied value.

Finalize the configuration

In this section, you will finalize the configuration in Portnox Cloud and Zoho.

  1. Finalize the configuration in the Portnox tab.
    1. Optional: In the POLICY ASSIGNMENTS section, change the setting to Application-based and then select an access control policy and a risk assessment policy if you want to control access to this application without using groups.
    2. Scroll all the way down to the end of the page, and then click on the Save button.

  2. Finalize the configuration in the Zoho tab.
    1. Click on the Submit button.

      Note: Zoho may ask you to confirm your identity with your password because this is a sensitive operation.

Result: You have configured Zoho to be accessible using Portnox Conditional Access for Applications.