Configure SAML User Provisioning

Required Tenable Security Center User Role: Administrator

You can enable user provisioning to automatically create SAML-authenticated users in Tenable Security Center Director by importing user accounts from your SAML identity provider. When user provisioning is enabled, users who log into your SAML identity provider are automatically created in Tenable Security Center Director. For more information, see SAML User Provisioning.

To manually create SAML-authenticated users in Tenable Security Center Director, see Add a SAML-Authenticated User.

For more information about user account configuration options, see SAML User Account Options.

Before you begin:

To import SAML-authenticated user accounts from your SAML identity provider:

  1. Log in to Tenable Security Center Director via the user interface.

  2. In the left navigation, click System > Configuration.

    The Configuration page appears.

  3. Click the SAML button.

    The SAML Configuration page appears.

  4. In the SAML Settings section, click the toggle to enable User Provisioning.
  5. (Optional) To automatically update contact information for imported SAML-authenticated users, click the User Data Sync toggle. For more information about User Data Sync, see SAML Authentication Options.

  6. Click Submit.

    Tenable Security Center Director saves your configuration.

What to do next:

  • In your SAML identity provider, map the required Tenable Security Center user attribute fields to the corresponding fields for users in your identity provider: Organization ID, Group ID, and Role ID.

    Note: Tenable Security Center Director uses the fields listed in the Attribute Mapping section to create and update users in Tenable Security Center Director. Any Tenable fields that you map to corresponding fields in your SAML identity provider populate when Tenable Security Center Director imports SAML users into Tenable Security Center Director. If you enable User Data Sync, each time a user logs into Tenable Security Center Director using your SAML identity provider, Tenable Security Center Director updates any mapped attribute fields in Tenable Security Center Director with values from the corresponding fields in your SAML identity provider.