Set up SAML SSO using Auth0

Single Sign-On (SSO) enables users to sign in to applications and services without re-entering their credentials. The Cyware applications integrate with Auth0 to provide SSO through the Security Assertion Markup Language (SAML) protocol.

SAML is an XML-based protocol used for exchanging authentication and authorization data between applications. In the SAML integration between the Cyware applications and Auth0, the Cyware applications act as the Service Provider (SP), and Auth0 acts as the Identity Provider (IdP). When users sign in to the applications using the SAML authentication method, the IdP (Auth0) sends a SAML assertion to the browser, which passes it to the SP (Cyware applications). This enables Auth0 to establish a secure connection with the browser and then authenticate the users to sign in to the application.

Supported Cyware Applications 

You can configure Auth0 as a SAML 2.0 authentication method in the following Cyware applications:

  • Cyware Situational Awareness Platform (CSAP)

  • Cyware Threat Intelligence eXchange (CTIX)

Before you Start:

  • You must have an Auth0 developer account.

  • You must have administrator-level edit permission to update the authentication configuration in the Cyware application.

Steps 

To set up SAML SSO in a Cyware application using Auth0, perform the following steps:

Get Service Provider Details

To configure a Cyware application as a SAML 2.0 app in Auth0, you must provide the service provider details of the application, such as the Assertion Consumer URL and Entity ID.

Configure an Application as SAML 2.0 App in Auth0

In Auth0, configure a Cyware application as a SAML 2.0 app and generate the single sign-on URL, metadata XML, and certificate. These details are required to provide the identity provider details of Auth0 in the SAML 2.0 authentication configuration of the application.

To configure an application as a SAML 2.0 app in Auth0, do the following:

Note

This procedure mentions the fields and values that are required to configure a Cyware application as a SAML 2.0 app. Leave the fields that are not mentioned as they are. For more information, see Create Applications in Auth0.

  1. Sign in to the Auth0 developer account.

  2. Go to Applications > Applications.

  3. Click Create Application and enter the following details:

    1. Enter the name of the application. For example, CSAP Analyst Portal.

    2. Select the application type as Regular Web Applications.

    3. Click Create.

  4. Select Django as the technology used in the application.

  5. Go to the Settings tab, and then go to Application URIs.

  6. In the Allowed Callback URLs, enter the Assertion Consumer URL that you copied in Get Service Provider Details.

  7. In Allowed Logout URLs, enter one of the following URLs based on the Cyware application and click Save Changes:

    • For CTIX, enter https://<domain>/ctix/.

    • For CSAP Analyst Portal, enter https://<domain>/dashboard/.

    • For CSAP Member Portal, enter https://<domain>/webapp/.

  8. Go to the Addons tab and select SAML2 WEB APP.

  9. In the Usage tab, download and save the following data to provide the identity provider details in the Cyware application:

    • Identity Provider Certificate

    • Identity Provider Login URL

    • Identity Provider Metadata

  10. Go to the Settings tab and replace the Settings data with the following data to map the user data of Auth0 with the application.

    {
       "mappings":{
          "email":"email",
          "name":"first_name",
          "user_id":"username"
       }
    }

  11. Click Enable.

Configure Auth0 as SAML 2.0 Authentication Method in Cyware Application

Use the identity provider details (Identity Provider Certificate, Identity Provider Login URL, and Identity Provider Metadata) to configure Auth0 as a SAML 2.0 authentication method in a Cyware application.
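
Before entering the identity provider details, it is worth confirming that the three downloaded items agree with each other. The following Python check is an added example, not part of the Cyware or Auth0 documentation: it parses the metadata XML, confirms that the Login URL and certificate appear in it, and returns the certificate's SHA-256 fingerprint for your records. The sample metadata, URL, and certificate bytes are constructed placeholders, and the function names are hypothetical.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def pem_to_der(pem: str) -> bytes:
    """Drop the BEGIN/END armor lines and decode the base64 body."""
    lines = [l.strip() for l in pem.splitlines()]
    return base64.b64decode("".join(l for l in lines if l and not l.startswith("-----")))

def check_idp_details(metadata_xml: str, login_url: str, cert_pem: str) -> dict:
    """Cross-check the three items saved from the Usage tab against each other."""
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("metadata must not carry a DTD")
    root = ET.fromstring(metadata_xml)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor element in metadata")
    sso_urls = {e.get("Location") for e in idp.findall("md:SingleSignOnService", NS)}
    cert_path = "md:KeyDescriptor/ds:KeyInfo/ds:X509Data/ds:X509Certificate"
    certs = [base64.b64decode("".join((e.text or "").split())) for e in idp.findall(cert_path, NS)]
    der = pem_to_der(cert_pem)
    return {
        "entity_id": root.get("entityID"),
        "login_url_is_https": login_url.startswith("https://"),
        "login_url_in_metadata": login_url in sso_urls,
        "cert_in_metadata": der in certs,
        # Record this fingerprint; a later change means the IdP signing key changed.
        "cert_sha256": hashlib.sha256(der).hexdigest(),
    }

# Constructed sample input: placeholder bytes stand in for a real DER certificate.
SAMPLE_DER = b"constructed placeholder bytes, not a real X.509 certificate"
SAMPLE_B64 = base64.b64encode(SAMPLE_DER).decode()
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{SAMPLE_B64}\n-----END CERTIFICATE-----\n"
SAMPLE_URL = "https://idp.example.com/samlp/EXAMPLE"
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="urn:idp.example.com">
 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="signing"><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
   <X509Data><X509Certificate>{SAMPLE_B64}</X509Certificate></X509Data></KeyInfo></KeyDescriptor>
  <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="{SAMPLE_URL}"/>
 </IDPSSODescriptor>
</EntityDescriptor>"""

if __name__ == "__main__":
    for key, value in check_idp_details(SAMPLE_METADATA, SAMPLE_URL, SAMPLE_PEM).items():
        print(f"{key}: {value}")
```

Any False value in the result means the downloaded files do not belong together and should be downloaded again before they are entered in the Cyware application.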

Add User in Auth0

Add users of the Cyware applications into Auth0 and enable them to sign in using the Auth0 credentials.

Before you Start 

Ensure that the user to be added in Auth0 already exists in the Cyware application.

Note

You can add a user in Auth0 without adding the user in the Cyware Threat Intelligence eXchange (CTIX). The Cyware Threat Intelligence eXchange (CTIX) supports Just-in-Time provisioning that automatically creates a user account when a user signs in using Auth0 authentication.

Steps 

To add a user in Auth0, do the following:

Note

The steps to create users in Auth0 may vary. Refer to the following Auth0 documentation to create users: Create Users in Auth0.

  1. Sign in to the Auth0 developer account.

  2. Go to User Management > Users.

  3. Click Create User and add the following details:

    Note

    You can import users into Auth0 in bulk. For more information, see Bulk User Imports.

    • Enter the same email ID that you used to add the user in the Cyware application. The user will be authenticated using this email ID.

    • Enter a password for the user.

    • Re-enter the password to confirm.

    • Select Username-Password-Authentication in Connection.

  4. Click Create.

The user is added in Auth0. To verify the email ID of the user, click Actions > Send Verification Email. The user will receive a verification email.

After the email ID is verified, the user can sign in to the application using the Auth0 credentials.

Validate the SAML SSO Integration

To validate the SAML SSO integration, do the following:

  1. Open the application in a web browser.

  2. Click the SAML authentication method.

  3. Enter the Auth0 credentials to sign in.

You should be able to sign in to the application.

Note

If a user is already signed in to the Auth0 account, the user should be able to sign in to the Cyware application without re-entering the Auth0 credentials.
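
If sign-in fails during validation, one thing to check is whether the assertion carries the attribute names set in the Settings mapping (email, first_name, username). The following Python helper is an added example, not part of the Cyware or Auth0 documentation: it decodes the base64 SAMLResponse form value that the browser posts to the Assertion Consumer URL and reports which mapped attributes are missing or empty. It assumes the application reads exactly those three names; the sample response is constructed and unsigned, and the function names are hypothetical.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Attribute names on the right-hand side of the "mappings" block on this page.
EXPECTED = ("email", "first_name", "username")

def assertion_attributes(saml_response_b64: str) -> dict:
    """Decode a base64 SAMLResponse value into {attribute name: [values]}.

    Troubleshooting aid only: it does not verify the XML signature, so its
    output must never be used to make an authentication decision.
    """
    xml_text = base64.b64decode(saml_response_b64).decode("utf-8")
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("SAML response must not carry a DTD")
    root = ET.fromstring(xml_text)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs

def mapping_problems(attrs: dict) -> list:
    """Return the mapped attribute names that are missing or have no non-empty value."""
    return [name for name in EXPECTED if not any(attrs.get(name, []))]

# Constructed, unsigned sample: user_id arrives under a claim-URI name, not "username".
SAMPLE_RESPONSE = base64.b64encode(b"""<samlp:Response
  xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:Assertion><saml:AttributeStatement>
  <saml:Attribute Name="email"><saml:AttributeValue>analyst@example.com</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="first_name"><saml:AttributeValue>Analyst</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier">
   <saml:AttributeValue>auth0|constructed-id</saml:AttributeValue></saml:Attribute>
 </saml:AttributeStatement></saml:Assertion>
</samlp:Response>""").decode()

if __name__ == "__main__":
    found = assertion_attributes(SAMPLE_RESPONSE)
    print("attributes:", sorted(found))
    print("missing or empty:", mapping_problems(found))
```

A non-empty result points back to the Settings tab of the SAML2 WEB APP addon, where the mapping JSON should match the one given in the configuration steps.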