
Cyware Threat Intelligence eXchange

Set up SAML Authentication for CTIX Using Microsoft Entra ID

Notice

Microsoft Azure Active Directory (Azure AD) has been renamed to Microsoft Entra ID.

On CTIX, you can enable single sign-on (SSO) using an Identity Provider (IdP) that supports Security Assertion Markup Language (SAML), such as Microsoft Entra ID.

Before you Start

  • You must have suitable administrative privileges to create an external application in Microsoft Entra ID.

  • You must have the Assertion Consumer URL and Entity ID from the CTIX application.

  • Your user group in CTIX must have View and Update Configuration permissions to access the configuration module in CTIX.

  • Once generated, download and keep the Federation Metadata XML from Microsoft Entra ID handy.

Steps

To access the CTIX application using SSO, do the following:

Fetch Assertion URL and Entity ID from CTIX

The Assertion Consumer URL is the endpoint on CTIX to which the identity provider (Microsoft Entra ID) redirects the user with its authentication response. An entity ID is a globally unique name for the service provider or the identity provider.

Fetch the Assertion Consumer URL and entity ID from the CTIX application and have them handy. You need these values while setting up the SAML 2.0 app in Microsoft Entra ID.

  1. Sign in to the CTIX application.

  2. Navigate to Administration > Configuration > Authentication > SAML 2.0.

  3. Copy and retain the following values:

    • Assertion Consumer URL

    • Entity ID


Configure SAML Application for CTIX on Microsoft Entra ID

Set up Microsoft Entra ID for SSO by creating an external application for CTIX and configuring SSO for it.

  1. Sign in to the Microsoft Entra ID portal as an Administrator.

  2. Under Entra ID Services select Entra ID Active Directory.

  3. Under Manage on the left pane, select Enterprise Applications > +New Application.

  4. In What's the name of your app?, enter CTIX and select Integrate any other application you don't find in the gallery (Non-gallery).

  5. Click Create to create the application.

  6. Select Single Sign-on under Manage.

  7. For Select a single sign-on method, select SAML.

  8. Click Edit on Basic SAML Configuration and enter the Entity ID and Assertion Consumer Service URL that you copied from the CTIX application.

  9. The rest of the fields are optional. Save your changes.

  10. Click Edit on Attributes and Claims.

  11. In Required Claims, click the horizontal ellipsis and enter Unique User Identifier (Name ID) as user.userprincipalname.

  12. Edit the existing additional claims and add the claims for email, first name, and last name.

    Note that the application automatically provides Namespace values for the parameters added for the claim. The Namespace field is optional. You must edit each additional claim and remove its Namespace value so that the field stays empty.

    • Enter the following values to add a claim for email:

      • Name as email

      • Select Source as Attribute

      • Source Attribute as user.mail

    • Enter the following values to add a claim for the first name:

      • Name as first_name

      • Select Source as Attribute

      • Source Attribute as user.givenname

    • Enter the following values to add a claim for the last name:

      • Name as last_name

      • Select Source as Attribute

      • Source Attribute as user.surname

      The following image illustrates the list of claims that must be added in Microsoft Entra ID.

    final_additional_claims_screen.png
  13. Go to SAML Certificates, download the Certificate (Base64) or Certificate (Raw) and the Federation Metadata XML, and copy the App Federation Metadata URL to use while configuring SSO in the CTIX platform.

  14. Click Save.

Create Users in Microsoft Entra ID

Create users in Microsoft Entra ID to set up SAML authentication. For more information on creating users in Microsoft Entra ID, see Add or Delete Users. You must assign the created users or user groups to the CTIX application present in Microsoft Entra ID.

Steps

  1. Sign in to the Microsoft Entra ID portal as an administrator.

  2. From Manage, select User and groups.

  3. Click +Add User to select and add your users.

Create Users in CTIX

You must add the users created in Microsoft Entra ID to CTIX to establish a complete flow of information. For more information about creating users in CTIX, see Onboard Users.

Configure Microsoft Entra ID SSO in CTIX

Steps

Configure single sign-on for Microsoft Entra ID in CTIX.

  1. Sign in to the CTIX application.

  2. Navigate to Administration > Configuration > Authentication.

  3. Select SAML 2.0 and click Edit.

  4. For Identity Provider Attributes, select either Metadata XML or Certificate, which you generated while configuring the SAML application for CTIX in Microsoft Entra ID. If you choose Certificate as the IdP type, you can use the Certificate (Base64) file.

  5. Click Upload against Metadata XML and upload the Federation Metadata XML file you downloaded from Microsoft Entra ID.

  6. Enable AuthnRequest to send authentication requests from CTIX to Microsoft Entra ID.

  7. Click Activate SAML and click Save.
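The Federation Metadata XML uploaded in step 5 defines which IdP entity and signing certificate CTIX will trust, so it is worth inspecting before upload. The following is an added example, not part of the CTIX or Microsoft documentation: it lists the entity ID, sign-on endpoints and signing certificate fingerprints, which can be compared with the separately downloaded Certificate (Base64). The function names, tenant placeholder and sample bytes are assumptions made for the illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
CERT_PATH = "md:KeyDescriptor[@use='signing']/ds:KeyInfo/ds:X509Data/ds:X509Certificate"


def fingerprint(b64_der):
    """SHA-256 over the DER bytes of a base64 certificate body."""
    der = base64.b64decode("".join(b64_der.split()))
    return hashlib.sha256(der).hexdigest()


def pem_body(pem_text):
    """Strip the BEGIN/END lines from a Certificate (Base64) download."""
    return "".join(ln for ln in pem_text.splitlines() if ln and not ln.startswith("-----"))


def summarize_metadata(metadata_xml):
    """Extract what the service provider will trust from the metadata file."""
    root = ET.fromstring(metadata_xml)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor: not SAML IdP metadata")
    return {
        "entity_id": root.get("entityID"),
        # Keyed by binding short name, e.g. HTTP-Redirect or HTTP-POST.
        "sso_urls": {s.get("Binding").rsplit(":", 1)[-1]: s.get("Location")
                     for s in idp.iterfind("md:SingleSignOnService", NS)},
        "signing_fingerprints": [fingerprint(c.text) for c in idp.iterfind(CERT_PATH, NS)],
    }


# Constructed sample: placeholder tenant and bytes standing in for a certificate.
SAMPLE_CERT_B64 = base64.b64encode(b"constructed-not-a-real-certificate").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
 entityID="https://sts.windows.net/TENANT-ID-PLACEHOLDER/">
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="signing"><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data><X509Certificate>{SAMPLE_CERT_B64}</X509Certificate></X509Data>
</KeyInfo></KeyDescriptor>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
 Location="https://login.microsoftonline.com/TENANT-ID-PLACEHOLDER/saml2"/>
</IDPSSODescriptor></EntityDescriptor>"""
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{SAMPLE_CERT_B64}\n-----END CERTIFICATE-----\n"
```

A mismatch between a fingerprint from the metadata and the one computed from the downloaded certificate means the two files come from different applications or certificate versions.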

Verify Single Sign-on from Microsoft Entra ID

Steps

Sign in to CTIX from applications in Microsoft Entra ID and verify the configuration.

  1. Sign in to Microsoft Entra ID.

  2. Verify from Office - All Apps that the CTIX application is available for the user.

  3. Click CTIX application.

  4. You are directed to CTIX sign-in. Click SAML and sign in to CTIX.
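If the sign-in fails, the usual suspects are the values entered in Basic SAML Configuration and the claim names from step 12. The following is an added example, not part of the CTIX or Microsoft documentation: it checks a SAMLResponse form value captured from your own test sign-in (for example, from the browser's network tools) against the Entity ID, the Assertion Consumer URL and the three un-namespaced claim names. The function names, hosts and sample message are assumptions; the script is a configuration diagnostic and does not verify the signature.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
REQUIRED_CLAIMS = {"email", "first_name", "last_name"}  # names from step 12


def check_saml_response(b64_response, entity_id, acs_url):
    """Return a list of configuration problems (no signature validation)."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    if root.get("Destination") != acs_url:
        problems.append("Destination does not match the Assertion Consumer URL")
    audiences = {a.text for a in root.iterfind(".//saml:Audience", NS)}
    if entity_id not in audiences:
        problems.append("Audience does not contain the CTIX Entity ID")
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is None or not (name_id.text or "").strip():
        problems.append("NameID is missing or empty")
    names = {a.get("Name") for a in root.iterfind(".//saml:Attribute", NS)}
    for claim in sorted(REQUIRED_CLAIMS - names):
        # A claim saved with a Namespace arrives as "<namespace>/<name>".
        prefixed = [n for n in names if n and n.endswith("/" + claim)]
        if prefixed:
            problems.append(f"claim {claim} still has a Namespace: {prefixed[0]}")
        else:
            problems.append(f"claim {claim} is missing")
    return problems


# Constructed sample (unsigned, placeholder hosts) so the check runs offline.
def sample_response(email_attr_name):
    xml = f"""<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
 Destination="https://ctix.example.test/acs">
<saml:Assertion><saml:Subject><saml:NameID>alice@example.test</saml:NameID></saml:Subject>
<saml:Conditions><saml:AudienceRestriction>
<saml:Audience>https://ctix.example.test/entity</saml:Audience>
</saml:AudienceRestriction></saml:Conditions>
<saml:AttributeStatement>
<saml:Attribute Name="{email_attr_name}"><saml:AttributeValue>alice@example.test</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="first_name"><saml:AttributeValue>Alice</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="last_name"><saml:AttributeValue>Example</saml:AttributeValue></saml:Attribute>
</saml:AttributeStatement></saml:Assertion></samlp:Response>"""
    return base64.b64encode(xml.encode()).decode()
```

An empty list means the response carries the Entity ID, Assertion Consumer URL, Name ID and claim names that the configuration steps above call for.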