Manage User Authentication Profiles

Cisco Secure Access supports the use of Security Assertion Markup Language (SAML) or OpenID Connect (OIDC) to authenticate users. Secure Access requires that users are authenticated before they can connect to internet-bound destinations through the Secure Access Secure Web Gateway (SWG) or connect with Secure Access Zero Trust Access (ZTA) to private destinations.

To get started, add a single sign-on (SSO) authentication profile in Secure Access for each user authentication IdP integration. You must associate one of the organization's configured provisioning profiles (user directory) with the SSO authentication profile.

Table of Contents

• Add User Authentication Profiles
• About Single Sign-On
• View User Authentication Profile
• Edit a User Authentication Profile
• Delete a User Authentication Profile

Add User Authentication Profiles

When you configure a user authentication profile, associate a provisioning profile for a cloud IdP with the user authentication profile. You can only assign one unique provisioning IdP in the user authentication profile.

• For more information, see Add SSO Authentication Profiles.

About Single Sign-On

• For more information, see About Single Sign-On for Users.

View User Authentication Profiles

After you add a user authentication profile in Secure Access, you can view the list of configured user authentication profiles for the organization. For more information, see View SSO Authentication Profiles.

Edit a User Authentication Profile

After you add a user authentication profile, you can edit the profile in Secure Access. For more information, see Edit an SSO Authentication Profile.

Delete a User Authentication Profile

After you add a user authentication profile, you can remove the profile in Secure Access. For more information, see Delete an SSO Authentication Profile.

Multiple AD Domains with Secure Access Sites > Manage User Authentication Profiles < Add SSO Authentication Profiles