Single Sign-On Settings Tab
The SSO Settings tab provides a way to enable SSO.
What do you want to do?
Role | I want to ... | Show me how |
---|---|---|
Admin | Enable SSO Settings | Configure Single Sign-On |
Admin | Configure Active Directory | Configure Active Directory |
Admin |
Configure ADFS as IDP for NetWitness |
For instructions on how to configure ADFS as IDP for NetWitness, see the Configure SAML 2.0 provider settings for portals topic in Microsoft documentation. |
Admin | Map User Roles to External Groups | Manage Users with Roles and Permissions |
Quick Look
To access this view, go to (Admin) > Security and click the Single Sign-On Settings tab.
The following table lists the features of the Single Sign-On tab.
Feature | Description |
---|---|
Enable SSO | Checkbox that indicates whether or not the single sign-on is enabled. This box is cleared by default. |
Auto Import IDP Metadata | If selected the latest IDP metadata is downloaded at regular intervals. |
Metadata URL |
Enter the metadata URL generated when the connection was established with the ADFS. |
Use Proxy | If enabled, the requests to IDP will be routed through the proxy configured in (Admin) > System > HTTP Proxy settings. |
Import IDP Metadata |
Enter the metadata URL generated when the connection was established with the ADFS. Note: Make sure you update the link every time the IDP metadata is updated. |
Entity ID |
A unique identifier for NetWitness unique amongst all the applications managed by the same IDP. |
Enable Global Logout | Checkbox that enables Global Logout setting for users. When Global Logout is enabled, the user is logged out of NetWitness and also from other applications authenticated by ADFS. |
Enable SAML Token Based SSO Authorization | Checkbox that indicates whether or not the SAML Token Based SSO Authorization is enabled. This box is cleared by default. Select the Enable SAML Token Based SSO Authorization check box if you want to setup SAML token based SSO without needing to configure Active Directory in NetWitness. |
SAML External Group Attribute Name | Specifies the attribute name which holds the external group names in the SAML token. Required when using SAML token based authorization. |
Apply |
The admin-server is restarted after which you will get notified in the notification tray when the metadata is ready to be downloaded. |
Export Service Provider Metadata | Exports an XML file which is uploaded to IDP to establish the connection between NetWitness (SP) and IDP (ADFS) for authentication. |