Configure SAML Authentication Automatically via the Tenable.sc Interface
Required User Role: Administrator
You can use this method to configure most types of SAML authentication via the Tenable.sc interface. If you encounter issues with this method (e.g., when configuring Microsoft ADFS), try the module method described in Configure SAML Authentication via the SimpleSAML Module.
For more information about SAML authentication and SAML authentication options, see SAML Authentication.
Before you begin:
Save your identity provider SAML metadata file to a directory on your local computer.
To automatically configure SAML authentication for Tenable.sc users:
Log in to Tenable.sc via the user interface.
In the top navigation bar, click System > Configuration.
The Configuration page appears.
Click the SAML button.
The SAML Configuration page appears.
In the General section, confirm the SAML toggle is enabled.
If you want to disable SAML authentication for Tenable.sc users, click the toggle.
In the Source drop-down box, select Import.
The page updates to display additional options.
- In the Type drop-down box, select SAML 2.0 (e.g., Okta, OneLogin, etc.) or Shibboleth 1.3.
Click Choose File and browse to the SAML metadata file from your identity provider.
Note: The metadata file must match the Type you selected. If Tenable.sc rejects the file, contact your identity provider for assistance.
Tenable.sc saves your configuration.
What to do next:
- Click Download SAML Configuration XML, save the .xml file locally, and use it to configure your identity provider SAML configuration. For more information, see SAML Authentication XML Configuration Examples.
- Add SAML-authenticated user accounts, as described in Add a SAML-Authenticated User.
- Instruct users to log in to Tenable.sc using the Sign In Using Identity Provider button, as described in Log In to the Web Interface.