Add a SAML Configuration

The following feature is not supported in Federal Risk and Authorization Management Program (FedRAMP) environments. For more information, see the FedRAMP Product Offering.

Required User Role: Administrator

You can manually enter the details for your SAML configuration or you can upload a metadata.xml file that you download from your identity provider (IdP).

Note: Once SAML is configured for a user, they must log in normally one time before they can access the Sign in via SSO link on the login page.

Before you begin:

  • Follow the steps described in your IdP's documentation to set up a SAML application for on your IdP account.

    Note: Your IdP requires an entity ID and a reply URL for to set up the SAML application. The entity ID for is TENABLE_IO_placeholder. The reply URL for is

  • In your IdP account, download your metadata.xml file.

Note: Tenable does not currently support a SP-Initiated SAML flow. Because it must be initiated from the Identity Provider side, navigating directly to does not allow SSO. Additionally, all users must have an account configured in that matches their SSO login.

To add a new SAML configuration:

  1. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  2. In the left navigation plane, click Settings.

    The Settings page appears.

  3. Click the SAML tile.

    The SAML page appears.

  4. In the action bar, click Create.

    The SAML Settings page appears.

  5. Do one of the following:

  6. Click Save. saves your SAML configuration.

What to do next:

  • Download the metadata.xml from using the Download SP Metadata option in the SAML Configurations table.

  • Upload this file to the SAML application you created for with your SAML provider.