Integrating SSO (Single Sign-On)
Pre-Requisites
- Ensure your organization uses a SAML v2.0 compliant IdP.
- Decide whether to enable SCIM (System for Cross-domain Identity Management) for real-time user provisioning (optional).
Step 1: Enable SSO for Your Account
- Contact the AppSecEngineer Support Team to enable SSO on your account.
- Provide your account details and request SSO activation. This must be done via email, because it involves a secure, unique SSO key which can't be published on publicly accessible channels.
- Exchange the Metadata URL between your organization and AppSecEngineer to configure the connection.
- Obtain the necessary metadata (ACS URL and Identifier) from AppSecEngineer’s support team.
Log in to your Identity Provider’s admin portal.
Add a new application for AppSecEngineer and configure the following details:
- ACS URL: Contact AppSecEngineer support for this value.
- Identifier (Entity ID): Contact AppSecEngineer support for this value.
- Add this URL to your configuration: SignOn URL
Set Up Attributes and Claims:
- Ensure that the email address attribute is mapped to user.userprincipalname.
Step 4: Testing and Validation
- Save your configuration in the IdP and test the SSO connection.
- Confirm with AppSecEngineer support that the integration is functioning as expected.
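When testing, the SAMLResponse posted during a test login can be decoded and compared against the values configured in the IdP. The script below is an added example, not tooling from AppSecEngineer or any IdP. The claim name, the placeholder ACS URL and Identifier, and the constructed sample response are assumptions, and it inspects fields only (it does not verify the XML signature).

```python
import base64
import re
import xml.etree.ElementTree as ET  # fine for your own capture; use defusedxml for untrusted XML

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Assumption: the default email claim name issued by Microsoft Entra ID.
# Confirm the attribute name AppSecEngineer expects with their support team.
EMAIL_ATTR = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"

def check_saml_response(b64_response, acs_url, entity_id, email_attr=EMAIL_ATTR):
    """Return a list of configuration problems in a captured SAMLResponse."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    # Destination should be the ACS URL entered in the IdP application.
    if root.get("Destination") != acs_url:
        problems.append("Destination %r does not match ACS URL" % root.get("Destination"))
    # Audience should contain the Identifier (Entity ID).
    audiences = [e.text for e in root.findall(".//a:Audience", NS)]
    if entity_id not in audiences:
        problems.append("Identifier not in Audience: %r" % audiences)
    # The email attribute must be present and carry an address-shaped value.
    values = [v.text or "" for attr in root.findall(".//a:Attribute", NS)
              if attr.get("Name") == email_attr
              for v in attr.findall("a:AttributeValue", NS)]
    if not values:
        problems.append("email attribute not present")
    for value in values:
        if not re.fullmatch(r"[^@\s]+@[^@\s]+\.[^@\s]+", value):
            problems.append("email attribute value %r is not an address" % value)
    return problems

def build_sample(dest, audience, email):
    """Constructed, unsigned sample response, base64-encoded like the POST field."""
    xml = ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s" Destination="%s">'
           '<saml:Assertion><saml:Conditions><saml:AudienceRestriction>'
           '<saml:Audience>%s</saml:Audience></saml:AudienceRestriction>'
           '</saml:Conditions><saml:AttributeStatement><saml:Attribute Name="%s">'
           '<saml:AttributeValue>%s</saml:AttributeValue></saml:Attribute>'
           '</saml:AttributeStatement></saml:Assertion></samlp:Response>'
           % (NS["p"], NS["a"], dest, audience, EMAIL_ATTR, email))
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    ACS, EID = "https://sp.example.test/acs", "urn:example:sp"  # placeholders
    print(check_saml_response(build_sample(ACS, EID, "alice@example.test"), ACS, EID))
    print(check_saml_response(build_sample(ACS, "urn:other", "alice"), ACS, EID))
```

An empty list means the Destination, Audience and email attribute all line up with what was configured; each string in a non-empty list names the setting to recheck in the IdP.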
Step 5: Optional - SCIM Integration
- If you want real-time user provisioning, request SCIM setup from AppSecEngineer support.
- Follow the SCIM configuration instructions provided by your IdP and AppSecEngineer.
Additional Notes
- Ensure that all details are double-checked during setup to avoid configuration errors.
- Once SSO setup is done, the organization's employee records are automatically fetched into AppSecEngineer, so the administrator is not required to import or add any user manually.
- Reports for all DEACTIVATED users remain available in the Reports section of the AppSecEngineer learning platform even after the user is deactivated.
- Reports for all DELETED users are permanently deleted from the AppSecEngineer learning platform.
- Admin can reassign seats 'N' number of times, as there is no limitation on deleting and reassigning seats. Only the total number of seats remains constant, as per your organization's subscription.