Configure single sign-on

Configure single sign-on (SSO) so that any user in your organization can automatically log in to Incident Response.

Before you begin

Role required: Administrator

Procedure

  1. Log in to Incident Response.
  2. On the navigation pane, click Admin.
    The Single sign-on configuration form.
  3. On the Single Sign-On Configuration form, fill in the fields.
    Field Description
    IdP Issuer URI/Entity ID Issuer URI of the Identity Provider. This value is usually the SAML Metadata EntityID of the IdP EntityDescriptor.
    IdP Login URL The binding-specific IDP Authentication Request Protocol endpoint that receives SAML AuthnRequest messages from Incident Response.
    IdP Logout URL [Hidden] Visible when Single Sign Out is enabled. This is the logout endpoint for IdP.
    IdP Signature Certificate
    The PEM encoded public key certificate of the Identity Provider used to verify SAML message and assertion signatures.
    Note: Wrap this field with ––-BEGIN CERTIFICATE----- and ––-END CERTIFICATE----- text.

    A certificate expiration date is generated after successfully adding the certificate.

  4. To activate single sign out, select the Enable Single Sign Out check box.
    When enabled it completes the user IdP logout. Otherwise, their logout is only from Incident Response.
  5. To activate SSO, select the Enable Single Sign In check box.
  6. Click Save.
    Single sign in and out are configured.

What to do next

Sign in to Incident Response using single sign-on or multi-factor authentication