Follow this step-by-step integration guide to set up SSO in the AppSecEngineer learning platform.

Integrating SSO (Single Sign-On)

Pre-Requisites

  1. Ensure your organization uses a SAML v2.0 compliant IdP.
  2. Decide whether to enable SCIM (System for Cross-domain Identity Management) for real-time user provisioning (optional).

Step 1: Enable SSO for Your Account

  • Contact the AppSecEngineer Support Team to enable SSO on your account.
    • Provide your account details and request SSO activation. This must be done via email, because activation involves a secure, unique SSO key that cannot be published on publicly accessible channels.

Step 2: Metadata Exchange

  • Exchange the Metadata URL between your organization and AppSecEngineer to configure the connection.
    • Obtain the necessary metadata (ACS URL and Identifier) from AppSecEngineer’s support team.

Step 3: Configure SSO on Your IdP

  1. Log in to your Identity Provider’s admin portal.

  2. Add a new application for AppSecEngineer and configure the following details:

    • ACS URL: Contact AppSecEngineer support for this value.
    • Identifier (Entity ID): Contact AppSecEngineer support for this value.

    • Add this URL to your configuration: SignOn URL
  3. Set Up Attributes and Claims:

    • Ensure that the email address attribute is mapped to user.userprincipalname.


Step 4: Testing and Validation

  1. Save your configuration in the IdP and test the SSO connection.
  2. Confirm with AppSecEngineer support that the integration is functioning as expected.

Step 5: Optional - SCIM Integration

  • If you want real-time user provisioning, request SCIM setup from AppSecEngineer support.
  • Follow the SCIM configuration instructions provided by your IdP and AppSecEngineer.
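
For Steps 2 and 3 above, the Entity ID and ACS URL to enter in the IdP can be read from the service provider's metadata document and sanity-checked before saving. This is an added example, not AppSecEngineer code; it assumes the Metadata URL returns a standard SAML 2.0 SP metadata document, and the function name and all sp.example.com values are constructed placeholders.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

# Constructed sample SP metadata; the sp.example.com values are placeholders,
# not AppSecEngineer's real Entity ID or ACS URL (get those from support).
SAMPLE_SP_METADATA = """
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
                     entityID="https://sp.example.com/saml/metadata">
  <md:SPSSODescriptor WantAssertionsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
    <md:AssertionConsumerService index="1"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
        Location="https://sp.example.com/saml/acs-artifact"/>
    <md:AssertionConsumerService index="0" isDefault="true"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.com/saml/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def idp_settings_from_sp_metadata(xml_text):
    """Return the Entity ID and ACS URL to enter in the IdP, plus warnings."""
    # Parse only metadata received over the trusted support channel.
    root = ET.fromstring(xml_text.strip())
    if root.tag != f"{{{MD}}}EntityDescriptor":
        raise ValueError("not a SAML 2.0 EntityDescriptor")
    sp = root.find(f"{{{MD}}}SPSSODescriptor")
    if sp is None:
        raise ValueError("metadata has no SPSSODescriptor")
    # Keep HTTP-POST endpoints; prefer isDefault="true", then the lowest index.
    acs = [e for e in sp.findall(f"{{{MD}}}AssertionConsumerService")
           if e.get("Binding") == POST]
    if not acs:
        raise ValueError("no HTTP-POST AssertionConsumerService in metadata")
    acs.sort(key=lambda e: (e.get("isDefault") != "true", int(e.get("index", "0"))))
    acs_url = acs[0].get("Location", "")
    warnings = []
    if urlsplit(acs_url).scheme != "https":
        warnings.append("ACS URL is not HTTPS")
    if sp.get("WantAssertionsSigned") != "true":
        warnings.append("SP does not require signed assertions")
    formats = [(n.text or "").strip() for n in sp.findall(f"{{{MD}}}NameIDFormat")]
    return {"entity_id": root.get("entityID"), "acs_url": acs_url,
            "name_id_formats": formats, "warnings": warnings}
```

The `name_id_formats` value shows which identifier format the service provider advertises, which is worth comparing against the email attribute mapping configured in Step 3.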

Additional Notes

  • Ensure that all details are double-checked during setup to avoid configuration errors.
  • Once SSO setup is done, your organization's employee records are automatically fetched into AppSecEngineer, so the administrator is not required to import or add any users manually.
  • Reports for all DEACTIVATED users will remain available in the Reports section of the AppSecEngineer learning platform even after the user is deactivated.
  • Reports for all DELETED users are deleted permanently from the AppSecEngineer learning platform.
  • Admin can reassign seats 'N' number of times, as there is no limit on deleting and reassigning seats. Only the total number of seats remains constant, as per your organization's subscription.
