Configure SAML User Provisioning

Required User Role: Administrator

You can enable user provisioning to automatically create SAML-authenticated users in Director by importing user accounts from your SAML identity provider. When user provisioning is enabled, users who log in to your SAML identity provider are automatically created in Director. For more information, see SAML User Provisioning.

To manually create SAML-authenticated users in Director, see Add a SAML-Authenticated User.

For more information about user account configuration options, see SAML User Account Options.

Before you begin:

To import SAML-authenticated user accounts from your SAML identity provider:

  1. Log in to Director via the user interface.

  2. In the top navigation bar, click System > Configuration.

    The Configuration page appears.

  3. Click the SAML button.

    The SAML Configuration page appears.

  4. In the SAML Settings section, click the toggle to enable User Provisioning.

  5. (Optional) To automatically update contact information for imported SAML-authenticated users, click the User Data Sync toggle. For more information about User Data Sync, see SAML Authentication Options.

  6. Click Submit. Director saves your configuration.

What to do next:

  • In your SAML identity provider, map the required user attribute fields to the corresponding fields for users in your identity provider: Organization ID, Group ID, and Role ID.

    Note: Director uses the fields listed in the Attribute Mapping section to create and update users in Director. Any Tenable fields that you map to corresponding fields in your SAML identity provider populate when Director imports SAML users into Director. If you enable User Data Sync, each time a user logs in to Director using your SAML identity provider, Director updates any mapped attribute fields in Director with values from the corresponding fields in your SAML identity provider.
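
A pre-flight check for the attribute mapping described above, as an added example that is not part of the original page or the product's own code: it reads a decoded SAML assertion and reports which of the three required fields are missing, empty or multi-valued. The attribute names OrganizationID, GroupID and RoleID and the one-value-per-field rule are assumptions; substitute the names from your own Attribute Mapping section. It does not verify the assertion signature.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Assumed attribute names (hypothetical): replace with the names set in the
# Attribute Mapping section of your own deployment.
REQUIRED = {"Organization ID": "OrganizationID", "Group ID": "GroupID",
            "Role ID": "RoleID"}

# Constructed sample assertion (not captured from a real identity provider).
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="OrganizationID"><saml:AttributeValue>1</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="GroupID"><saml:AttributeValue> </saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def read_attributes(xml_text):
    """Return {attribute name: [stripped values]} from every AttributeStatement."""
    # The stdlib parser is used here, so refuse DTD and entity declarations up front.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are not accepted")
    attrs = {}
    path = ".//saml:AttributeStatement/saml:Attribute"
    for attr in ET.fromstring(xml_text).iterfind(path, SAML_NS):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", SAML_NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs


def check_provisioning_attributes(xml_text, required=REQUIRED):
    """Return {Director field: problem} for each required field that is unusable."""
    attrs = read_attributes(xml_text)
    problems = {}
    for field, name in required.items():
        values = attrs.get(name)
        if values is None:
            problems[field] = "missing"
        elif len(values) != 1:  # assumption: one value per required field
            problems[field] = "expected one value, got %d" % len(values)
        elif not values[0]:
            problems[field] = "empty"
    return problems


if __name__ == "__main__":
    for field, problem in check_provisioning_attributes(SAMPLE).items():
        print(f"{field}: {problem}")
```

Run it against an assertion captured from a test login before you enable User Provisioning; an empty result means all three required fields arrived with a single non-empty value.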