miniOrange provides a ready to use single sign-on solution for Dropbox for Business. This single sign-on solution ensures that you are ready to roll out secure access to Dropbox for Business to your employees within minutes.
Note : The information contained on this page does not create a joint venture, partnership, agency or other form of association, or an express or implied license grant by either party to the other under any patent, trademark, copyright, trade secret or other intellectual property right.
miniOrange provides secure access to Dropbox for Business ( enterprises ) and full control over access of applications, Single Sign On (SSO) into your Dropbox Account with one set of login credentials, eliminating user-managed passwords and the risk of phishing.
Dropbox allows users to access their data from anywhere, and synchronizes data securely across devices. Adding enterprise-grade identity access management from miniOrange makes it easy for IT to deploy and manage how employees access corporate Dropbox accounts. miniOrange provides SAML for secure authentication without passwords, to provide one-click access to Dropbox and all of your other cloud and mobile apps. With Single Sign-On, Dropbox can put its existing trusted IdP in charge of the authentication process.
Secure your Dropbox app from password thefts using multi factor authentication methods with 15+ authentication methods provided by miniOrange. Our multi factor authentication methods prevent unauthorized users from accessing information and resources having password alone as authentication factor. Enabling second factor authentication for Dropbox protects you against password thefts.
miniOrange prevents frauds with its dynamic risk engine in conjunction with enterprise specific security policy. We support a combination of the Device Id, Location and Time of access as multi-factor authentication that can detect and block fraud in real-time, without any interaction with the user.
miniOrange supports both IdP (Identity Provider) and SP (Service Provider) initiated Single Sign On (SSO)
IdP Initiated Single Sign-On (SSO) for Dropbox
In IdP Initiated Login, SAML request is initiated from miniOrange IdP.
Enduser first authenticates through miniOrange Idp by login in to miniOrange Self Service Console.
The Enduser will be redirected to their Dropbox account by clicking the Dropbox icon on the Enduser Dashboard - there is no need to login again.
SP Initiated Single Sign-On (SSO) for Dropbox
In SP Initiated Login, SAML request is initiated by Dropbox.
An Enduser tries to access their Dropbox domain.
They will be redirected to miniOrange Self Service Console.
Here they can enter the miniOrange login credentials and login to their Dropbox Account.
Follow the Step-by-Step Guide given below for Dropbox Single Sign On (SSO)
Need SAML enabled admin account for Dropbox.
Step 1: Configure Single Sign On (SSO) Settings
Login to miniOrange Admin Console, go to Apps Tab from the menu and select Configure Apps.
Select Dropbox from the Application Name drop down menu.
Make sure the SP Entity ID or Issuer is in the format: https://ww.dropbox.com/saml_login.
Make sure the ACS URL is https://www.dropbox.com/saml_login.
Leave the Attributes section empty.
Click on Save to configure DropBox.
Click on Download Certificate link to download the certificate which will be required later.
Go to Admin Console in the left-hand sidebar on the Dropbox page.
In the left-hand sidebar, select Authentication from Admin Console
Under Single sign-on, select the Enable single sign-on checkbox. You will see option to configure single sign-on.
You can make single sign on Optional or Required.
Enter Sign in URL as SP Initiated Redirect Endpoint i.e. https://auth.miniorange.com/idp/samlsso
Upload your miniOrange Certificate as X.509 certificate that was downloaded earlier in screenshot 2.
Note: The certificate should be in .pem format.
Save the settings.
Step 2: Create a policy for Dropbox Single Sign On (SSO)
Login to miniOrange Admin Console, go to Policies Tab from the menu and select App Authentication Policy.
Add a new policy for Dropbox Enterprise here.
Select Dropbox from Application dropdown.
Select a Group Name from dropdown - the group for which you want to add Dropbox policy.
Give a policy name for Dropbox in Policy Name field.
Select the First Factor Type for authentication.
Enable Second Factor for authentication if required.
Click on Save button to add policy for Dropbox Single Sign On (SSO).
Now click on Onboard users into our system from View Policy Tab.
Step 3: Onboard users into our system.
Download sample csv format from our console and create a CSV file containing your users in this format.
Upload your CSV in our console via Bulk Upload.
After uploading the CSV file successfully, you will see a success message.
From Users/Groups menu, select Manage Users/Groups and go to OnBoarding Status.
Select users to send activation mail and click on send activation mail. An activation mail will be sent to the selected users.
Step 4: Register users into our system (End Users)
Sign In to your mail and click on registration link that is valid only for 5 days. You will be redirected to our registration page.
Configure your basic details.
Configure any strong authentication method.
Configure KBA (Security Questions) as your fallback method, in case you lost your phone this will get invoked and save your details.
After successful registration, you will see a registration successful message.
Step 5: Now sign in to your Dropbox account with miniOrange IdP by either of the two steps:
1. Using SP initiated login :-
Login to your Dropbox Business account
Go to Dropbox Login
Enter only the Email. And click on Continue. Now you will be redirected to miniOrange IdP Single Sign On Page.
Enter your miniOrange login credential and click on Login. You will be automatically logged in to your Dropbox account.
2. Using IdP initiated login :-
Login to your miniOrange Self Service Console as an End User and click on the Dropbox icon on your Dashboard.
Using Two Factor Authentication for Dropbox
The most practical way to strengthen authentication is to require a second factor after the username/password stage. Since a password is something that a user knows, ensuring that the user also has something or using biometrics thwarts attackers that steal or gain access to passwords.
Traditional two-factor authentication solutions use hardware tokens (or "fobs") that users carry on their keychains. These tokens generate one-time passwords for the second stage of the login process. However, hardware tokens can cost up to $40 each. It takes time and effort to distribute them, track who has which one, and replace them when they break. They're easy to lose, hard to use, and users consistently report high levels of frustration with token-based systems.
Your choice of second factor
miniOrange authentication service has 15+ authentication methods.
You can choose from any of the above authentication methods to augment your password based authentication. miniOrange authentication service works with all phone types, from landlines to smart-phone platforms. In the simplest case, users just answer a phone call and press a button to authenticate. miniOrange authentication service works internationally, and has customers authenticating from many countries around the world.