Administrator single sign-on
The Administrator single sign-on feature allows portal users to sign in to the Security Portal using a supported third-party identity provider. When enabled, this feature applies to all contacts.
Before enabling this feature, you must configure the details for your identity provider on the
page. You must also configure your third-party identity provider to provide the cloud portal with sign-on authentication for your administrators.To configure administrator single sign-on:
Steps
Next steps
Once you have completed the setup on this page, you must do the following to complete single sign-on activation:
- Add the downloaded SAML metadata file to your identity provider.
- Deploy the root certificate to administrator’s machines, using your preferred distribution method such as Group Policy Object (GPO).
- Select the required Login option to enable SSO as an administrator authentication mechanism. See Login optionsfor more information.
When configuring your identity provider for administrator single sign-on, use the following URL to obtain the Forcepoint metadata:
https://admin.forcepoint.net/login/saml.xml
Note that this metadata source is different from the metadata source for end-user single sign-on provided on the
page.You can configure your identity provider to fetch this metadata dynamically using this URL, or save the page as an XML file, and upload it to your identity provider.