Set up authentication - Administrator Guide - 8.5 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR On-prem Documentation

Product
Cortex XSOAR
Version
8.5
Creation date
2024-03-10
Last date published
2024-11-28
Category
Administrator Guide
Solution
On-prem
Abstract

Decide whether you want to add users locally or through SSO in Cortex XSOAR On-prem.

You can create users locally or by using SSO in the tenant. Users authenticate by doing one of the following:

  • Authenticate locally

    After you create users, they authenticate using their username and password. For more information, see Create users in Cortex XSOAR.

  • SAML single sign-on

    Users can be authenticated using your IdP provider such as Okta, Ping, or Azure AD. You can use any IdP that supports SAML 2.0.

After you have created users, add them to user groups or assign roles directly.

SSO has the following advantages:

  • Enforces multi-factor authentication (MFA) and any conditional access policies on the user login at the IdP before granting a user access to Cortex XSOAR.

  • Maps SAML group memberships to user groups and roles, allowing you to manage role-based access control.

  • Removes access to Cortex XSOAR when a user is removed or disabled in the IdP.