Add User Authentication Profiles

After you add a provisioning identity provider (IdP) in Cisco Secure Access, configure the integration of a single sign-on (SSO) authentication identity provider (IdP).

This guide describes the steps to integrate a user authentication profile through an SSO IdP in Secure Access.

Complete the integration by following one of the SAML IdP configuration guides to set up the configuration attributes and secure connections between Secure Access and the SAML IdP.

Table of Contents

• Prerequisites
• Requirements for Configuring SSO Authentication Profiles
• About the Default Provisioning Profile
• Procedure
• View User Authentication Profiles

Prerequisites

• Full Admin user role. For more information, see Manage Accounts.

Requirements for Configuring SSO Authentication Profiles

When you add a user authentication profile for an SSO IdP in Secure Access, you must associate a provisioning IdP with the SSO IdP. For more information, see Manage User Directories.

About the Default Provisioning Profile

If you previously integrated an SSO IdP that supported SSO authentication for the users in the organization, Secure Access will associate a Default authentication Profile for this integration.

The Default Profile describes the integration of an existing IdP in Secure Access using the organization's ID and the SCIM token that you generated for the IdP integration.

Procedure

Add an SSO user authentication IdP in Secure Access.

1. Navigate to Connect > Users and User Groups, and then click Configuration management.

   

2. On the Configurations tab, click Add SSO authentication.

   

3. For SSO Authentication Name, enter a unique name for the SSO authentication IdP integration.

   

4. For Authentication Method, click Security Assertion Markup Language (SAML).

   

5. For Directory, choose the Directory integration for the cloud IdP that provisions the users and groups.

   

6. Click Next.

7. Choose the type of SAML IdP and follow the steps to complete the configuration. For more information, see Configure Integrations with SAML Identity Providers.

View User Authentication Profiles

1. Navigate to Connect > Users and User Groups, and then click Configuration management.

   

2. On the Configurations tab, navigate to SSO authentication.
   Secure Access lists the configured user authentication profiles.

   

Manage User Authentication Profiles > Add User Authentication Integrations < About Single Sign-On for Users