Single Sign-On Settings
This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises
Invicti Enterprise supports Single Sign-On (SSO) to enable users to move easily between websites/applications. Single Sign-On is a centralized login system that helps you access many websites or web applications with a single authenticated user account. You may, for example, need a system that allows users who are already logged in on one of your websites, to log in on your other websites at the same time (one may be a blog and the other a shop).
- Disabling both Enable and Enforce to authenticate only with single sign-on means only the regular username and password of Invicti Enterprise can be used
- Enabling Enable, but not Enforce to authenticate only with single sign-on, means both SSO and the regular username and password can be used
- Enabling Enable and Enforce to authenticate only with single sign-on means that only SSO can be used
For detailed instructions for each system, see SAML Authentication Services.
How to Configure Single Sign-On Settings
- From the main menu, click Settings, then Single Sign-On.
- Enable the Enable checkbox.
- Enable the Enforce to authenticate only with single sign-on checkbox, if you want to disable logging in via regular username and password to Invicti Enterprise.
- Select the tab of the relevant system, and complete the instructions. Links to detailed instructions for each system are available in Invicti and Single Sign-On Support.
- Enable the Enable Auto Provisioning checkbox, if you want your registered users on the IdP to be automatically created when they first access Invicti Enterprise.
- Enable the Require SAML assertions to be encrypted, if you want third parties prevented from reading private data from the SAML assertions.
- Enable the Use Alternate Login Email to allow users to use alternative email for single sign-on.
- Click Save Changes.