SAML

General configuration

Configure CISO Assistant with SAML

Once you've retrieved the IdP Entity ID, the Metadata URL and the Entity ID from your provider (see the list of providers for specific details), the configuration on CISO Assistant is pretty simple.

1. Log in into CISO Assistant as an administrator > Extra > Settings

   
2. Enable SSO

   
3. Enter the Idp Entity ID

   
4. Choose the option 1 or 2 depending of your provider and fill Metadata URL or SSO URL, SLO URL, x509 certificate retrieved from your provider

   
5. Check that the SP Entity ID is similar to the Entity/Client ID specified on your provider

   
6. And that's it! Don't forget to save changes

7. You should now be able to see the Login with SSO button

   

Advanced settings

• Allow single label domains: This allows you to authenticate through SAML on a single-label domain (e.g. https://ciso-assistant:8443). If this is left unchecked, the only host forms allowed are:

  • IPv4

  • IPv6

  • FQDN (e.g. https://www.example.com/)

  • localhost

Be aware that the user needs to be created on CISO Assistant to be authenticated with SSO.