SAML single sign-on is not available when FIPS mode is enabled. See FIPS 140 support.

When you configure Deep Security to use SAML single sign-on (SSO), users signing in to your organization's portal can seamlessly sign in to Deep Security. SAML single sign-on also makes it possible to implement user authentication access control features such as:

- Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA).

For a more detailed explanation of Deep Security's implementation of the SAML standard, see About SAML single sign-on (SSO). If you are using Azure Active Directory as your identity provider, see Configure SAML single sign-on with Azure Active Directory.

At this time, Deep Security supports only the HTTP POST binding of the SAML 2.0 identity provider (IdP)-initiated login flow, and not the service provider (SP)-initiated login flow.

To use SAML single sign-on with Deep Security, you will need to do the following:

- Configure Deep Security as a SAML service provider.
- Provide information for your identity provider administrator.

- Ensure your Deep Security Manager is functioning properly.
- Contact the identity provider administrator to:
  - Establish a naming convention for mapping directory server groups to Deep Security roles.
  - Obtain their identity provider SAML metadata document.
  - Ask them to add any required user authentication access control features to their policy.

Support is available to assist with the following identity providers that have been tested in Deep Security with SAML single sign-on:

- Active Directory Federation Services (ADFS)

Configure Deep Security as a SAML service provider

First, set up Deep Security as a service provider.

In multi-tenant Deep Security installations, only the primary tenant administrator can configure Deep Security as a SAML service provider.

1. In Deep Security Manager, go to Administration > User Management > Identity Providers > SAML.
2. Enter an Entity ID and a Service Name, and then click Next.
   The Entity ID is a unique identifier for the SAML service provider. The SAML specification recommends that the entity ID is a URL that contains the domain name of the entity, and industry practices use the SAML metadata URL as the entity ID. The SAML metadata is served from the /saml endpoint on the Deep Security Manager, so an example value might be
3. Select a certificate option, and click Next.
   The SAML service provider certificate is not used at this time, but would be used in the future to support service-provider-initiated login or single sign-out features.
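The entity ID recommendation and the HTTP POST-only binding described above can be checked on the service provider metadata before it is handed to the identity provider administrator. The following is an added example, not Trend Micro's code: the host name dsm.example.com, the sample metadata document, the function name check_sp_metadata, and the requirement that URLs use https are all assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
HTTP_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

# Constructed sample SP metadata; dsm.example.com is a placeholder host.
SAMPLE_METADATA = """<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://dsm.example.com/saml">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://dsm.example.com/saml"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def check_sp_metadata(xml_text, metadata_url):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{MD_NS}}}EntityDescriptor":
        return ["root element is not md:EntityDescriptor"]

    # Entity ID: a URL containing the entity's domain name, and by
    # common practice identical to the metadata URL.
    entity_id = root.get("entityID", "")
    parsed = urlparse(entity_id)
    if parsed.scheme != "https" or not parsed.hostname:
        findings.append("entityID is not an https URL containing a host name")
    if entity_id != metadata_url:
        findings.append("entityID differs from the metadata URL")

    # Only the HTTP POST binding is supported, so every assertion
    # consumer endpoint is expected to declare it (assumption of this example).
    acs = root.findall(
        f"{{{MD_NS}}}SPSSODescriptor/{{{MD_NS}}}AssertionConsumerService")
    if not acs:
        findings.append("no AssertionConsumerService endpoint declared")
    for ep in acs:
        if ep.get("Binding") != HTTP_POST:
            findings.append(f"ACS binding is {ep.get('Binding')}, not HTTP-POST")
        if urlparse(ep.get("Location", "")).scheme != "https":
            findings.append("ACS Location is not an https URL")
    return findings
```
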