Generic SAML SSO
PerimeterX supports logging in to the PerimeterX Portal with Generic SAML SSO as the authentication provider.
Prerequisites
Administrative access in a PerimeterX account is required before configuring Generic SAML SSO
Configure PerimeterX SSO
- Login to your PerimeterX console with Admin permissions.
- Navigate to Platform Settings-> Accounts
- Click Edit
- In the Edit Account dialog:
a. Check Enable Single Sign-On (SSO)
b. Select Generic SAML and enter the following details:
Field name | Description |
|---|---|
SAML Endpoint | URL endpoint where the SAML assertion is sent. |
Issuer | The IdP unique identifier. The SP validates that the SAML assertions it receives are issued from the correct IdP. |
X.509 Certificate | A certificate provided by the IdP. Used to verify the public key as passed by the IdP in the metadata of the SAML assertion |
- Make sure to Save Changes
Attribute Mapping
The PerimeterX application expects the SAML assertions in a specific format, requiring you to add custom attribute mappings to your SAML attributes configuration
Application Attribute | Description |
|---|---|
NameID (SAML_SUBJECT) | User's email address |
firstName | User's first name |
lastName | User's last name |
Inviting Users
When inviting users to login to the PerimeterX Portal for the first time, refer to the PerimeterX Managing Users Guide for full instructions.
If a user was invited prior to enabling Generic SAML SSO:
- In the PerimeterX Portal, delete the existing users’ accounts from Admin > Users.
- Re-invite the deleted users as new users according to the instruction in the PerimeterX Managing Users Guide.
Important
To enable the administrator user to login with Okta SSO, delete the user and re-invite (within the same session) by going to Platform Settings-> Users and selecting Invite User.
FAQ
For more information see the SSO Integration FAQ
Updated 6 months ago