SAML for Multi-Tenant Deployments - Multi-Tenant Guide - 6.6 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Multi-Tenant Guide

Product
Cortex XSOAR
Version
6.6
Creation date
2022-09-29
Last date published
2023-06-08
End_of_Life
EoL
Category
Multi-Tenant Guide

You can authenticate your Cortex XSOAR users using SAML 2.0 authentication with your identity provider, such as Okta. You need to define Cortex XSOAR authentication in your Identity Provider’s account, then create a SAML 2.0 instance in Cortex XSOAR. In some cases, you may need to provide some users with access to the main account and other users access only to a tenant account. You can do this by configuring SAML separately for the main account and for the tenant account.

If you need to provide User A access to the main account and tenant account, and User B access to only a tenant account, we recommend configuring one SAML integration on the main account (do not propagate to tenants) and a separate SAML integration on the tenant account. User A receives the URL for the main account and can access both main and tenant account. User B receives the URL for the tenant account and does not have access to main. If we want User C to also have access to only the tenant account, but with more limited permissions, we can configure the SAML integration on the tenant to restrict User C to the default analyst role or a custom role we create.