Configure SAML User Provisioning
Required User Role: Administrator
You can enable user provisioning to automatically create SAML-authenticated users in
To manually create SAML-authenticated users in Tenable Security Center, see Add a SAML-Authenticated User.
For more information about user account configuration options, see SAML User Account Options.
Before you begin:
- Review the Tenable SAML Configuration Quick-Reference guide for a step-by-step guide of how to configure SAML for use with Tenable Security Center.
- Configure SAML authentication, as described in Configure SAML Authentication Manually via the User Interface.
To import SAML-authenticated user accounts from your SAML identity provider:
-
Log in to Tenable Security Center via the user interface.
-
In the
The Configuration page appears.
-
Click the SAML button.
The SAML Configuration page appears.
- In the SAML Settings section, click the toggle to enable User Provisioning.
-
(Optional) To automatically update contact information for imported SAML-authenticated users, click the User Data Sync toggle. For more information about User Data Sync, see SAML Authentication Options.
-
Click Submit.
Tenable Security Center saves your configuration.
What to do next:
-
In your SAML identity provider, map the required Tenable Security Center user attribute fields to the corresponding fields for users in your identity provider: Organization ID, Group ID, and Role ID.
Note: Tenable Security Center uses the fields listed in the Attribute Mapping section to create and update users in Tenable Security Center. Any Tenable fields that you map to corresponding fields in your SAML identity provider populate when Tenable Security Center imports SAML users into Tenable Security Center. If you enable User Data Sync, each time a user logs into Tenable Security Center using your SAML identity provider, Tenable Security Center updates any mapped attribute fields in Tenable Security Center with values from the corresponding fields in your SAML identity provider.