Integrate Wrike with Conditional Access

In this topic, you will find general instructions on how to integrate Wrike with Portnox™ Conditional Access for Applications.

Note: SAML SSO integration is available in Wrike in the Enterprise and Pinnacle plans. It is not available in the Free, Team, or Business plan.

Create a Portnox Cloud application configuration

In this step, you will create a configuration in Portnox Cloud that will contain all the information necessary to integrate with Wrike.

  1. In a new tab of your browser, open your Portnox Cloud account by accessing the following URL: https://clear.portnox.com/

    From now on, we will call this tab the Portnox tab.

  2. In the Cloud portal top menu, click on the Applications option.

  3. On the Applications screen, click on the Add application button, and select the Add new SAML application option.

  4. Optional: If you have more than one SAML identity provider configured, select the identity provider in the Select an identity provider to use for this application section.
  5. In the Application details section, enter an Application name and optionally a Description.

    In this example, we used the name Wrike for the new application configuration but you can use any name you like.

  6. Keep this browser tab open. You will need it later.

Open your Wrike single SAML SSO settings

In this section, you will access your Wrike SAML SSO settings pane.

  1. In another tab of your browser, open Wrike and log in to your workspace.

    From now on, we will call this tab the Wrike tab.

  2. In the top-left corner, click on your user icon to open the menu, and then select the Settings option.

  3. In the Settings pane, in the left-hand side menu, click on the Account management > Security option, scroll the right-hand side pane down to the SAML SSO section, and then click on the Setup SAML SSO button.

    Important: Before you begin setting up SAML SSO, you need to make sure that you have a verified company domain added to Wrike. This will allow all users with emails in the company domain to be authenticated using Conditional Access.

  4. In the first step of the SAML SSO Setup wizard, select the Other option, and then click on the Next button.

  5. In the second step of the SAML SSO Setup wizard, click on the Next button.

Copy configuration values from the Portnox tab to the Wrike tab

In this section, you will copy the values displayed by Portnox Cloud and paste them in the relevant fields in the Wrike SAML SSO setup section.

  1. In the Portnox tab, in the SAML metadata section, click on the  ⧉  icon next to the text field to copy the value.

  2. In the Wrike tab, in the third step of the SAML SSO Setup wizard, click on the Use URL to provide XML option, and in the field below, paste the metadata URL copied from Portnox Cloud. Then, click on the Next button.

Enter configuration values in the Portnox tab

In this section, you will enter configuration values in the relevant fields in Portnox Cloud.

  1. In the Portnox tab, in the Application properties section, click on the empty field under the Entity ID / Service Provider Entity URL heading and enter the following value: https://www.wrike.com.

  2. In the Portnox tab, in the Application properties section, click on the empty field under the Assertion Consumer Service (ACS) URL / Reply URL heading and enter the following value: https://login.wrike.com/saml/SSO.

Finalize the configuration

In this section, you will finalize the configuration in Portnox Cloud and Wrike.

  1. Finalize the configuration in the Portnox tab.
    1. Optional: In the POLICY ASSIGNMENTS section, change the setting to Application-based and then select an access control policy and a risk assessment policy if you want to control access to this application without using groups.
    2. Scroll all the way down to the end of the page, and then click on the Save button.

  2. Finalize the configuration in the Wrike tab.
    1. In the fourth step of the SAML SSO Setup wizard, click on the Enable SAML settings button.

    2. In the fifth step of the SAML SSO Setup wizard, enter the code that you received via email, and then click on the Confirm button.

    3. In the sixth step of the SAML SSO Setup wizard, follow the instructions to test your configuration, and then click on the Save SAML Settings button.

    4. In the SAML SSO section, change the setting of the Enforce login via SAML SSO for field to Users with approved domains only.

      Note: For security reasons, we recommend that you add an administrative user from an external domain, which would only be used to log in to Wrike and change settings in the unlikely event of issues with SAML SSO.

Result: You have configured Wrike to be accessible using Portnox Conditional Access for Applications.