[Access for SaaS] Braintree SAML tutorial (#15575)

* create tutorial and fix weights

* Apply suggestions from code review

Co-authored-by: Patricia Santa Ana <[email protected]>

* implement suggested edit

---------

Co-authored-by: Patricia Santa Ana <[email protected]>

content/cloudflare-one/applications/configure-apps/saas-apps/braintree-saas.md

@@ -0,0 +1,60 @@
+---
+pcx_content_type: how-to
+title: Braintree
+weight: 5
+---
+
+# Connect to Braintree through Access
+
+This guide covers how to configure [Braintree](https://developer.paypal.com/braintree/articles/guides/single-sign-on-sso) as a SAML application in Cloudflare Zero Trust.
+
+## Prerequisites
+
+- A [SAML identity provider](/cloudflare-one/identity/idp-integration/generic-saml/) configured in Cloudflare Zero Trust
+- Admin access to a Braintree production or sandbox account
+
+## 1. Add a SaaS application to Cloudflare Zero Trust
+
+1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**.
+2. Select **Add an application** > **SaaS** > **Select**.
+3. For **Application**, enter `Braintree` and select the textbox that appears below.
+4. For the authentication protocol, select **SAML**.
+5. Select **Add application**.
+6. Fill in the following fields with temporary values:
+    - **Entity ID**: `placeholder`
+    - **Assertion Consumer Service URL**: `https://www.placeholder.com`
+    - **Name ID format**: _Email_
+7. Copy the **SSO endpoint** and **Public key**.
+8. Select **Save configuration**.
+9. Configure [Access policies](/cloudflare-one/policies/access/) for the application.
+10. Select **Done**.
+
+## 2. Enable SSO Configuration in Braintree
+
+1. In Braintree, create a [support ticket](https://developer.paypal.com/braintree/help).
+2. In **Search Issues**, enter `Login and password issues` and select the corresponding value.
+3. In **Issue Details**, fill in the following:
+    - **Merchant ID**: Your Braintree Merchant ID. This is the 16-digit value that follows `/merchants/`in your Braintree Control Panel URL.
+    - **Email domain(s) to be used in user IDs**: The email domain(s) that should be allowed to sign in to your account via SSO.
+    - **Single Sign-on HTTP POST Binding URL**: SSO endpoint from application configuration in Cloudflare Zero Trust
+    - **Certificate for validation**: Public key from application configuration in Cloudflare Zero Trust.
+4. Select whether you are using a **Production** or **Sandbox** account.
+5. Fill out the **Your contact information** fields and select **Submit a help request**.
+6. When you receive an email stating SSO has been successfully configured for your account, you can proceed to the next step.
+
+## 3. Finish adding a SaaS application to Cloudflare Zero Trust
+
+1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**.
+2. Select **Braintree** > **Edit** > **Overview**.
+3. Replace the temporary values for **Entity ID** and **Assertion Consumer Service URL** with the link provided in the successful SSO configuration email from Braintree support. You will use the same link for both values.
+4. Select **Save Application**.
+
+## 4. Test the integration and add SSO users
+
+1. In your Braintree Control Panel, select the **settings** icon > **Team**.
+2. Select your desired test user.
+3. Under **Single Sign-On**, select **Enable**.
+4. Open an incognito browser window. In the address bar, paste `https://id.sandbox.braintreegateway.com` for a sandbox account or
+`https://id.braintreegateway.com` for a production account.
+5. In **Your corporate email address** field, type your test user's email. You will be redirected to the Cloudflare Access login screen and prompted to sign in with your identity provider.
+6. Upon successful sign-in, you can enable SSO for other users using steps 4.1 - 4.3.

content/cloudflare-one/applications/configure-apps/saas-apps/digicert-saas.md

@@ -1,10 +1,10 @@
 ---
 pcx_content_type: how-to
 title: Digicert
-weight: 5
+weight: 6
 ---
 
-# Connect to Digicert through Access (SAML)
+# Connect to Digicert through Access
 
 This guide covers how to configure [Digicert](https://docs.digicert.com/en/certcentral/manage-account/saml-admin-single-sign-on-guide/configure-saml-single-sign-on.html) as a SAML application in Cloudflare Zero Trust.
 

content/cloudflare-one/applications/configure-apps/saas-apps/docusign-access.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: DocuSign
-weight: 6
+weight: 7
 ---
 
 # Connect to DocuSign through Access

content/cloudflare-one/applications/configure-apps/saas-apps/google-cloud-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Google Cloud
-weight: 7
+weight: 8
 ---
 
 # Connect to Google Cloud through Access

content/cloudflare-one/applications/configure-apps/saas-apps/google-workspace-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Google Workspace
-weight: 7
+weight: 8
 ---
 
 # Connect to Google Workspace through Access

content/cloudflare-one/applications/configure-apps/saas-apps/greenhouse-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Greenhouse Recruiting
-weight: 8
+weight: 9
 ---
 
 # Connect to Greenhouse Recruiting through Access

content/cloudflare-one/applications/configure-apps/saas-apps/hubspot-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Hubspot
-weight: 9
+weight: 10
 ---
 
 # Connect to Hubspot through Access

content/cloudflare-one/applications/configure-apps/saas-apps/jamf-pro-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Jamf Pro
-weight: 10
+weight: 11
 ---
 
 # Connect to Jamf Pro through Access

content/cloudflare-one/applications/configure-apps/saas-apps/pagerduty-saml-saas.md

@@ -1,10 +1,10 @@
 ---
 pcx_content_type: how-to
-title: PagerDuty (SAML)
-weight: 11
+title: PagerDuty
+weight: 12
 ---
 
-# Connect to PagerDuty through Access (SAML)
+# Connect to PagerDuty through Access
 
 This guide covers how to configure [PagerDuty](https://support.pagerduty.com/docs/sso) as a SAML application in Cloudflare Zero Trust.
 

content/cloudflare-one/applications/configure-apps/saas-apps/pingboard-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Pingboard
-weight: 12
+weight: 13
 ---
 
 # Connect to Pingboard through Access (SAML)

content/cloudflare-one/applications/configure-apps/saas-apps/salesforce-saas-oidc.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Salesforce (OIDC)
-weight: 13
+weight: 14
 ---
 
 # Connect to Salesforce through Access (OIDC)

content/cloudflare-one/applications/configure-apps/saas-apps/salesforce-saas-saml.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Salesforce (SAML)
-weight: 13
+weight: 14
 ---
 
 # Connect to Salesforce through Access (SAML)

content/cloudflare-one/applications/configure-apps/saas-apps/servicenow-saas-oidc.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: ServiceNow (OIDC)
-weight: 14
+weight: 15
 ---
 
 # Connect to ServiceNow through Access (OIDC)

content/cloudflare-one/applications/configure-apps/saas-apps/servicenow-saas-saml.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: ServiceNow (SAML)
-weight: 14
+weight: 15
 ---
 
 # Connect to ServiceNow through Access (SAML)

content/cloudflare-one/applications/configure-apps/saas-apps/slack-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Slack
-weight: 15
+weight: 16
 ---
 
 # Connect to Slack through Access

content/cloudflare-one/applications/configure-apps/saas-apps/smartsheet-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Smartsheet
-weight: 16
+weight: 17
 ---
 
 # Connect to Smartsheet through Access

content/cloudflare-one/applications/configure-apps/saas-apps/tableau-saml-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Tableau Cloud (SAML)
-weight: 17
+weight: 18
 ---
 
 # Connect to Tableau Cloud through Access

content/cloudflare-one/applications/configure-apps/saas-apps/zendesk-sso-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Zendesk
-weight: 18
+weight: 19
 ---
 
 # Connect to Zendesk through Access