Configuring SAML-Based Single Sign-On Integration

SAML (Security Assertion Markup Language) is a security language designed for exchanging authentication information between the user, the identity provider and the service provider. SAML provides a standard for interoperability in identity management systems and technologies so that SSO can be extended across security domains.

Setup instructions may vary by identity provider (IdP). Acunetix 360 supports both IdP-initiated and SP-initiated SAML methods. You can also create a new user in Netsparker Enterprise with the Enable Auto Provisioning option.

Information

Contact us if you encounter any problem while setting up Single Sign-On (SSO) integration.

Single Sign-On Fields

This table lists and explains the Single Sign-On fields in the Configure Single Sign-On window.

| Field | Description |
|---|---|
| Enable | Select this option to enable the single sign-on feature. |
| Enforce to authenticate only with single sign-on | Enable this option so only administrator users can authenticate without single sign-on. Users can only sign in to Netsparker Enterprise by using the email address that belongs to their employer. |
| IdP Identifier | This is the SAML identity provider’s Identifier value. |
| SAML 2.0 Service URL | This is the Consumer URL value (also called the SSO Endpoint or Recipient URL). |
| SAML 2.0 Endpoint | This is the URL from your IdP's SSO Endpoint field. |
| X.509 Certificate | This is the X.509 certificate value. |
| Enable Auto Provisioning | Enable this option so that an account will be automatically created for IdP registered users when they first access Netsparker Enterprise. If you enable this option for user creation in Netsparker Enterprise, you must complete the FirstName, LastName and Phone Number (optional) fields in the Attribute Statements on the IdP side. This means a new team member can log in to Netsparker Enterprise with no user permissions, such as Start Scan. They can add permissions after this. |
| Require SAML assertions to be encrypted | Enable this option to prevent third parties from reading private data in transit from assertions. There are two options: (1) Generate a new certificate for me: Netsparker generates a key pair. Netsparker will keep a private key to decrypt received SAML messages and provide you with a certificate so that you can upload it on the IdP side. (2) I have an existing certificate: You need to upload your certificate to Netsparker by importing a decryption certificate from your files. |

How to Configure SAML-Based Single Sign-On Integration

  1. Log in to Acunetix 360.
  2. From the main menu, click Settings, then Single Sign-On. The Single Sign-On window is displayed.
  3. Select the SAMLv2.0 tab.

  4. If your IdP (Identity Provider) requires you to specify a SAML Identifier for Acunetix 360 (it may also be referred to as the Audience or Target URL), use the value of the Identifier field.
  5. If your IdP requires you to specify a Consumer URL (it may also be referred to as the SSO Endpoint or Recipient URL), use the value of the SAML 2.0 Service URL field.
  6. Retrieve the URL from your IdP's IdP Identifier field and paste it into Acunetix 360’s IdP Identifier field.
  7. Retrieve the URL from your IdP's SSO Endpoint field and paste it into Acunetix 360’s SAML 2.0 Endpoint field.
  8. Export your X.509 certificate, copy its content and paste the certificate value into Acunetix 360’s X.509 Certificate field.
  9. If Enable Auto Provisioning is enabled, you should enter the FirstName, LastName and Phone Number (optional) fields in the Attribute Statements (Mapping).

Information

If Enable Auto Provisioning is enabled, a new team member is able to log in to Acunetix 360 with no user permissions, such as Start Scan.

  10. Click Save Changes.
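The steps above copy the IdP Identifier, SSO Endpoint and X.509 certificate by hand. The following Python sketch is an added example, not part of the Acunetix 360 documentation: it reads the same three values from an IdP's SAML 2.0 metadata XML and prints a SHA-256 fingerprint to compare against the IdP console before pasting. It assumes your IdP publishes a single-entity metadata document; the function name, sample URLs and placeholder certificate bytes are constructed for illustration.

```python
import base64, hashlib, textwrap
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def read_idp_metadata(xml_text):
    """Extract IdP Identifier, SSO endpoints and signing certificates, with sanity warnings."""
    entity = ET.fromstring(xml_text)
    idp = entity.find("md:IDPSSODescriptor", NS)
    if not entity.tag.endswith("}EntityDescriptor") or idp is None:
        raise ValueError("expected a single-entity IdP metadata document")
    # Binding URI -> Location for every SingleSignOnService the IdP advertises.
    endpoints = {s.get("Binding"): s.get("Location", "")
                 for s in idp.findall("md:SingleSignOnService", NS)}
    certs = []
    for kd in idp.findall("md:KeyDescriptor", NS):
        if kd.get("use", "signing") != "signing":  # a missing "use" covers signing too
            continue
        for node in kd.findall(".//ds:X509Certificate", NS):
            b64 = "".join((node.text or "").split())  # metadata usually wraps the base64
            der = base64.b64decode(b64, validate=True)
            body = "\n".join(textwrap.wrap(b64, 64))
            certs.append({
                "pem": f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----",
                "sha256": hashlib.sha256(der).hexdigest(),  # compare with the IdP console
            })
    warnings = [f"SSO endpoint is not HTTPS: {u}"
                for u in endpoints.values() if not u.startswith("https://")]
    if len(certs) != 1:
        warnings.append(f"{len(certs)} signing certificates found; confirm which one is current")
    return {"idp_identifier": entity.get("entityID"), "sso_endpoints": endpoints,
            "certificates": certs, "warnings": warnings}

# Constructed sample: placeholder bytes stand in for a DER certificate; the URLs are made up.
SAMPLE_DER = b"constructed placeholder, not a real X.509 certificate"
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://idp.example.test/saml">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
      {base64.b64encode(SAMPLE_DER).decode()}
    </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Location="https://idp.example.test/sso"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""
if __name__ == "__main__":
    for key, value in read_idp_metadata(SAMPLE_METADATA).items():
        print(key, "=", value)
```

Run it on metadata downloaded over HTTPS from your own IdP, and treat any warning as a reason to check the IdP configuration before saving the SSO settings.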

 
