Manage User Access Authorizations

Users can access using the following methods:

  • Username and password login.
  • Single sign-on (SSO). For more information, see SAML.
  • REST API with API keys. For more information, see Generate Another User's API Keys.

When you create a new user, all access methods are authorized by default. Depending on your organization's security policies, you may need to disable certain access methods. For example, you can disable username and password login to enforce SSO.

Use the Platform API to view, grant, and revoke access authorizations for a user. The following are examples of cURL commands to get a user's existing authorizations and then revoke the authorization for username and password login:

curl -H "X-APIKeys: accessKey=access_key;secretKey=secret_key" -X GET "<user_authorizations_url>"

curl -H "X-APIKeys: accessKey=access_key;secretKey=secret_key" -H "Content-Type: application/json" -d '{"api_permitted":true,"password_permitted":false,"saml_permitted":true}' -X PUT "<user_authorizations_url>"

For more information, see Get User Authorizations and Update User Authorizations in the Tenable Developer Portal.
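Because the PUT body carries all three flags, revoking one method safely means reading the user's current authorizations first and sending the other two back unchanged. The following is an added example, not Tenable's code: it builds the PUT body from a GET response and plans an SSO-only rollout across several users. It assumes the GET response contains the same three boolean fields as the PUT body; the user ids and sample responses are constructed.

```python
import json

# The three flags carried in the PUT body shown above.
FLAGS = ("api_permitted", "password_permitted", "saml_permitted")

def revoke(current, method):
    """Build a full PUT body that revokes one method and keeps the other flags."""
    flag = f"{method}_permitted"
    if flag not in FLAGS:
        raise ValueError(f"unknown access method: {method!r}")
    missing = [f for f in FLAGS if not isinstance(current.get(f), bool)]
    if missing:
        # Never guess a flag: a guessed True would grant an access method.
        raise ValueError(f"response lacks boolean flags: {missing}")
    body = {f: current[f] for f in FLAGS}  # drop any other response fields
    body[flag] = False
    if not any(body.values()):
        raise ValueError("would revoke the user's last access method")
    return body

def enforce_sso(responses):
    """Return (plan, skipped): PUT bodies per user, and users needing review."""
    plan, skipped = {}, {}
    for user, current in responses.items():
        if current.get("password_permitted") is False:
            continue  # already compliant, nothing to send
        try:
            body = revoke(current, "password")
            if not body["saml_permitted"]:
                raise ValueError("SSO is not authorized for this user")
            plan[user] = body
        except ValueError as exc:
            skipped[user] = str(exc)
    return plan, skipped

# Constructed sample GET responses keyed by placeholder user ids.
SAMPLE = {
    "user-1": {"api_permitted": True, "password_permitted": True, "saml_permitted": True},
    "user-2": {"api_permitted": True, "password_permitted": False, "saml_permitted": True},
    "user-3": {"api_permitted": False, "password_permitted": True, "saml_permitted": False},
    "user-4": {"api_permitted": True, "password_permitted": True},
    "user-5": {"api_permitted": True, "password_permitted": True, "saml_permitted": False},
}

if __name__ == "__main__":
    plan, skipped = enforce_sso(SAMPLE)
    print(json.dumps({"plan": plan, "skipped": skipped}, indent=2))
```

Users listed under skipped need a manual decision (for example, authorizing SSO first) before password login is revoked.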