Follow this step-by-step integration guide to set up SSO for the AppSecEngineer learning platform

Integrating SSO (Single Sign-On)

Pre-Requisites

  1. Ensure your organization uses a SAML v2.0 compliant IdP.
  2. Decide whether to enable SCIM (System for Cross-domain Identity Management) for real-time user provisioning (optional).

Step 1: Enable SSO for Your Account

  • Contact the AppSecEngineer Support Team to enable SSO on your account.
    • Provide your account details and request SSO activation. This must be done via email, because the SSO key is a secure, unique value that can't be published on publicly accessible channels.

Step 2: Metadata Exchange

  • Exchange the Metadata URL between your organization and AppSecEngineer to configure the connection.
    • Obtain the necessary metadata (ACS URL and Identifier) from AppSecEngineer’s support team.

Step 3: Configure SSO on Your IdP

  1. Log in to your Identity Provider’s admin portal.

  2. Add a new application for AppSecEngineer and configure the following details:

    • ACS URL: Contact AppSecEngineer support for this value.
    • Identifier (Entity ID): Contact AppSecEngineer support for this value.
    [Screenshot: a search in the Microsoft Entra Gallery for "AppSecEngineer" shows one result; the app supports Federated SSO and Provisioning.]

    • Add this URL to your configuration: SignOn URL

      Also, enhance your user management experience with our SCIM Integration Guide.
  3. Set Up Attributes and Claims:

    • Ensure that the email address attribute is mapped to user.userprincipalname.
    [Screenshot: the "Additional claims" table lists four claims with their names, types (SAML), and values (e.g., user.userprincipalname, user.givenname, user.surname).]


Step 4: Testing and Validation

  1. Save your configuration in the IdP and test the SSO connection.
  2. Confirm with AppSecEngineer support that the integration is functioning as expected.
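
One way to sanity-check a test login from Step 4, as an added example (not AppSecEngineer's code): it inspects a decoded SAML response and reports whether the Destination/Recipient, Audience and email attribute match what was configured in Step 3. The ACS URL and Identifier are placeholders, the claim name is an assumption about your IdP, and the sample response is constructed; the check covers mapping only and does not verify signatures.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Placeholders: the real ACS URL and Identifier come from AppSecEngineer support.
EXPECTED_ACS = "https://sp.example.invalid/acs"
EXPECTED_ENTITY_ID = "urn:example:sp-entity-id"
# Assumption: claim name your IdP uses for the email attribute (a common Entra default).
EMAIL_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"

# Constructed, unsigned sample response for illustration.
SAMPLE_RESPONSE = f"""<samlp:Response xmlns:samlp="{NS['samlp']}" xmlns:saml="{NS['saml']}"
    Destination="{EXPECTED_ACS}">
 <saml:Assertion>
  <saml:Subject><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
   <saml:SubjectConfirmationData Recipient="{EXPECTED_ACS}"/>
  </saml:SubjectConfirmation></saml:Subject>
  <saml:Conditions><saml:AudienceRestriction>
   <saml:Audience>{EXPECTED_ENTITY_ID}</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
  <saml:AttributeStatement><saml:Attribute Name="{EMAIL_CLAIM}">
   <saml:AttributeValue>alice@example.com</saml:AttributeValue>
  </saml:Attribute></saml:AttributeStatement>
 </saml:Assertion>
</samlp:Response>"""

def check_response(xml_text, acs=EXPECTED_ACS, entity_id=EXPECTED_ENTITY_ID,
                   email_claim=EMAIL_CLAIM):
    """Return a list of configuration mismatches found in a decoded SAML response."""
    # Intended for an admin's own test response; it parses only, no signature check.
    root = ET.fromstring(xml_text)
    problems = []
    if root.get("Destination") != acs:
        problems.append("Destination does not match ACS URL")
    recipients = [e.get("Recipient") for e in root.iterfind(".//saml:SubjectConfirmationData", NS)]
    if acs not in recipients:
        problems.append("Recipient does not match ACS URL")
    audiences = [e.text.strip() for e in root.iterfind(".//saml:Audience", NS) if e.text]
    if entity_id not in audiences:
        problems.append("Audience does not match Identifier (Entity ID)")
    emails = [v.text for a in root.iterfind(".//saml:Attribute", NS) if a.get("Name") == email_claim
              for v in a.iterfind("saml:AttributeValue", NS) if v.text]
    if not any("@" in e for e in emails):
        problems.append("email attribute missing or not an email address")
    return problems

if __name__ == "__main__":
    print(check_response(SAMPLE_RESPONSE) or "mapping looks consistent")
```
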

Step 5: Optional - SCIM Integration

  • If you want real-time user provisioning, request SCIM setup from AppSecEngineer support.
  • Follow the SCIM configuration instructions provided by your IdP and AppSecEngineer.

Additional Notes

  • Ensure that all details are double-checked during setup to avoid configuration errors.
  • Once SSO setup is done, your organization's employee records are automatically fetched into AppSecEngineer, so the administrator is not required to import or add any user manually.
  • Reports for all DEACTIVATED users remain available in the Reports section of the AppSecEngineer learning platform even after the user is deactivated.
  • Reports for all DELETED users are permanently deleted from the AppSecEngineer learning platform.
  • Admins can reassign seats 'N' number of times, as there is no limit on deleting and reassigning seats. Only the total number of seats remains constant, as per your organization's subscription.