Getting Started with SITE Ray
This guide covers SITE Ray onboarding tasks: signing in, accessing the application, preparing network allowlists, and requesting Custom SSO integration.
Sign In
-
Open your SITE Ray tenant URL.
https://xxx.ray.sa -
Sign in with your organization email address.
- Enter the one-time password sent to your inbox.
Optional SSO
ADFS Single Sign-On with MFA is supported upon request. The Custom SSO requirements are listed later in this page.
Ray Applications and Accessibility
SITE Ray can also be accessed through the mobile applications:
Additional access can be requested for:
| Access | Purpose |
|---|---|
| Admin Portal | Managing users and settings. |
| Outlook Integration Plugin | Enabling calendar and meeting scheduling integration. |
Firewall and Communication Requirements
Apply the following network allowlist rules for SITE Ray access and real-time meeting traffic.
| IPs/Domains | Ports | Affected Controls for End-Users |
|---|---|---|
176.105.148.217 |
443 TCP |
Endpoint management, network devices, firewalls, proxies, and inspection services that can affect real-time applications. |
176.105.148.218 |
20000-50000 UDP/TCP |
Endpoint management, network devices, firewalls, proxies, and inspection services that can affect real-time applications. |
176.105.149.38 |
TCP/443, UDP/5394, UDP/3478 |
Endpoint management, network devices, firewalls, proxies, and inspection services that can affect real-time applications. |
176.105.148.221 |
TCP/443, UDP/5394, UDP/3478 |
Endpoint management, network devices, firewalls, proxies, and inspection services that can affect real-time applications. |
*.ray.sa |
Whitelist on the corporate firewall or policy controls. | Endpoint management, network devices, firewalls, proxies, and inspection services that can affect real-time applications. |
Firewall inspection can degrade meetings
Endpoint controls, networking devices, firewalls, proxies, and inspection services can affect streaming and conferencing traffic.
Client ADFS Integration Requirements
SITE Ray provisioning supports Email OTP, SITE SSO, and Custom SSO. For Custom SSO with the client's Active Directory integrated to the provisioned SITE Ray instance, use the following ADFS requirements:
- Provide the ADFS certificate file in
.cerformat. - Provide the LS endpoint URL.
- In ADFS, open the Relying Party Trusts configuration and edit the relying party properties.
-
Add or edit the identifier:
https://<tenant_subdomain>.ray.sa/_saml/metadata.xml -
Add or edit the endpoint as
POST, preferably with index0:https://<tenant_subdomain>.ray.sa/_saml/metadata.xml -
Add or edit the endpoint as
Redirect, preferably with index1:https://<tenant_subdomain>.ray.sa/_saml/metadata.xml -
In Edit Claim Issuance Policy, add the required two claim rules.
- Use a custom rule template named
LDAP.
- Use a custom rule template named
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn", "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"), query = ";mail,givenName,sn,userPrincipalName,sAMAccountName;{0}", param = c.Value);
- Use a Transform an Incoming Claim rule template
Enable Pass through all claim values.
Getting Support
For assistance, you may reach out via any of the following channels:
- Phone: +966 11 813 1100
- Email: support@site.sa
- Support Portal: support.cloud.site.sa
- User Guide for Support: https://docs.cloud.site.sa/Support/User-Manual