Set Up Single Sign-On Authentication

Note: In 11.4 or later, Single Sign-On (SSO) authentication can be used to access the UI; however, only one Active Directory is supported. SSO authentication is not supported on an Analyst UI Deployment.

Note: In 12.4 or later, NetWitness supports both Windows and Azure ADFS for SSO. Azure ADFS for SSO is available only when using SAML Token Based SSO Authorization.

Single Sign-On authentication enables the user to log in to NetWitness or any other application if the user is authenticated by the same Identity Provider (IDP). Active Directory Federation Services (ADFS) is the only supported IDP, and the protocol used for SSO is SAML 2.0.

Starting with NetWitness Platform version 12.4, NetWitness Platform authorizes users by taking the list of user groups embedded in the SAML authentication token received from ADFS and verifying it against the user groups set up within NetWitness. Users do not need to set up or depend on an Active Directory configuration in NetWitness.
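
The following added example (not NetWitness or ADFS code) shows the token-based authorization described above: it reads the group values from a SAML 2.0 assertion and maps them to roles, denying access when no group matches. The group attribute name, the group and role names, and the sample assertion are assumptions constructed for illustration, and the assertion's signature, issuer, audience and validity window are assumed to have been verified beforehand.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Assumption: the ADFS claim rules emit group membership under this attribute name.
GROUP_ATTR = "http://schemas.xmlsoap.org/claims/Group"

# Constructed sample assertion (signature and conditions omitted; assumed verified).
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="http://schemas.xmlsoap.org/claims/Group">
      <saml:AttributeValue>SOC-Analysts</saml:AttributeValue>
      <saml:AttributeValue>Domain Users</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

# Hypothetical mapping of external groups to application roles.
ROLE_MAP = {"SOC-Analysts": "Analysts", "SOC-Admins": "Administrators"}


def groups_from_assertion(xml_text):
    """Return the set of group names carried in the assertion."""
    # SAML messages never need a DTD; refuse them before parsing.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTDs are not allowed in SAML messages")
    root = ET.fromstring(xml_text)
    groups = set()
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", SAML_NS):
        if attr.get("Name") != GROUP_ATTR:
            continue
        for value in attr.iterfind("saml:AttributeValue", SAML_NS):
            if value.text and value.text.strip():
                groups.add(value.text.strip())
    return groups


def authorize(xml_text, role_map):
    """Map token groups to roles; an empty list means access is denied."""
    groups = groups_from_assertion(xml_text)
    # Exact, case-sensitive match only: no prefix or substring matching.
    return sorted({role_map[g] for g in groups if g in role_map})


if __name__ == "__main__":
    print(authorize(SAMPLE_ASSERTION, ROLE_MAP))
```

When SSO login succeeds at the IDP but authorization fails, comparing the group values actually present in the token with the configured mapping, as this example does, is a quick first check.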

IMPORTANT: In NetWitness Platform version 12.3.1 or earlier, users must configure Active Directory (AD) and map user roles to External Groups in NetWitness to complete Single Sign-On authentication successfully.

NetWitness Single Sign-On Authentication Workflow

The following workflow shows how the user can access NetWitness using Single Sign-On authentication.
[Figure: NetWitness SSO workflow]

The workflow of SSO authentication shows the following:

  1. The user tries to access the NetWitness UI using a web browser, for example, https://nw-host/login.
  2. The user is prompted to log in at the IDP (ADFS) login page.
  3. The user enters the credentials for authentication.
  4. If the authentication is successful, NetWitness authorizes the user based on the user groups configured on the Active Directory Server and External Role Mapping in NetWitness.
  5. If the authorization is successful, the user is logged in to NetWitness.

Note: If Single Sign-On authentication fails, the user cannot access NetWitness. For more information, see Troubleshooting.