Skyhigh Security

Primary User - Identity Provider

The Identity Provider page allows you to add or update the configurations to enable Single Sign-On (SSO) using your own identity provider. The supported protocol is SAML 2.

NOTE: If a new SAML configuration is created, or an existing configuration is updated or deleted on the Trellix Identity Provider page, the events are recorded within the audit log (found under Settings > Audit Log).

  1. Click Identity Provider.
  2. On the Identity Provider page, configure the following:
    • Identity Provider. Enter the following information from your IdP.
      • Issuer. This is the Identity Provider Issuer.
      • Certificate. Download the certificate from your IdP and click Choose File to upload it.
      • Login URL. This is the Identity Provider Single Sign On URL.
      • Signature Algorithm. Make sure this matches your IdP.
      • Request Binding. Make sure this matches your IdP.
    • Service Provider (MVISION). Enter the following information for the Service Provider (MVISION).
      • Audience. Edit your IdP application's SAML settings to update the Audience URI.
      • Assertion Consumer Service URL. Edit your IdP application's SAML settings to include the Single Sign On URL.
      • Certificate. Download the SP certificate to validate our signature on the SAML request (Authentication).
      • SAML Metadata. Download the SAML metadata. It can be imported into your IdP to configure it automatically.
    • User List. You can include or exclude the user list from SSO.
  3. Click Save Changes. 
    Upon saving the configuration, you will be provided with the URLs to add to your SAML Provider settings. 
