Skip to main content
Skip table of contents

CYE SAML Single Sign-on

Cyclone ENTERPRISE is capable of connecting to an external identity provider for user account mamangement. Single sign-on is an authentication scheme that allows a user to log-in using credentials provided by a identity provider. This elimnates the need to manage credentials externally and provides a more secure and simplified user management system. Once enabled, user login credentials will be managed and verified by your identity provider instead of Cyclone ENTERPRISE.

image-20240722-202039.png

Single Sign-on Setup

Setting up Single Sign-on requires that you log into Cyclone ENTERPRISE as the root user. Once you have logged in as the root user, navigate to the Users tab, then select the Single Sign-on tab.

image-20240723-174605.png

Prior to setting up SAML single sign-on in Cyclone ENTERPRISE, you will need to copy the Service Provider entity ID and  Service Provider Consumer Service URL and add it to your identity provider. See the SAML Single Sign-on identity provider instructions before continuing SAML configuration in Cyclone ENTERPRISE.

Once you have completed setting up SAML Single Sign-on on your identity provider, you can begin configuring Single-Sign-on in Cyclone ENTERPRISE by clicking on the Configure SSO button. See the SAML Single Sign-on Configuration instructions for more information on Single Sign-on configuration.

image-20240807-220517.png

Logging into Cyclone ENTERPRISE using Single Sign-on

Once Single Sign-on has been setup the Cyclone ENTERPRISE login page will contain a button that will redirect users to the chosen identity provider when logging in.

image-20240807-220423.png

Single Sign-on Options

The Single Single-on options can be used to toggle Single Sign-on options. These settings will be only be enabled once Sing Sign-on has been configured on your server.

image-20240807-220853.png

  1. Enable Single Sign-on - This option will toggle Single Sing-on on or off. When the option is turned off users will no longer see the option to log in using Single Sign-on on the login page. Only internal users will be able to log into Cyclone ENTERPRISE while this option is turned off.

  2. Sign Get Request - Turn this option on will encrypt the SAML connection. Some identity providers may require a signed connection.

  3. Force Authentication - Turning this on will restrict users from logging in using passwords and instead requires them to use SSO

  4. Allow Unencrypted Assertion - Encrypting assertions adds an extra layer of security to your Single Sign On (SSO) authentication. Turning this option on will disable this extra layer of security and allow unencryped assertions.

  5. Disable Root user - Toggling this option to on will disable the deafault root user that is created when setting up Cylone ENTERPRISE.

Prior to disabling the root user, it is recommended that you create at least one user with Adminstrator or Supervisor privileges that can be used to perform administrative tasks on the server.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close