SSO Integration FAQ

What is the Assertion Consumer Service (ACS) URL?

https://console.perimeterx.com/login

What is the Service Identifier (Entity ID)?

https://perimeterx.com

Can I request to change users associated with SSO account password?

No. Users associated with SSO account are authenticated vs their organizational SSO instance.

How do I re-invite a user?

The same way as we invite new users; first delete the user and then re-invite him. Instructions can be found here

What will happen if an account is not configured as an SSO account and a user tries to log in using SSO?

The user will receive a 404 "You are not authorized" message.

Is SSO included as a standard feature in PerimeterX, or does it cost extra?

Our SSO integration is a standard feature, and has no extra cost.

Does PerimeterX have the ability to automatically provision and/or de-provision users?

We don't have any automation to provision and/or de-provision users.

Is there an API we can gain access to in order to automate this ourselves?

We don't have an API for the management aspects.

If it’s domain based, is SSO mandatory once it’s turned ?

The system does not automatically log in the user. You will need to click on Sign In with on of our supported SSO vendors in the login page. This reduce the need in additional login credentials.

On this note, is there any way for an Admin or Security user to get in without using SSO?

No. Users will still see the option to log in with credentials but any credential they use won't be authenticated.

What SAML assertions does the PerimeterX application expect to get on the SAML response?

The PerimeterX application expects the SAML assertions in a specific format, requiring you to add custom attribute mappings to your SAML attributes configuration