End-of-Life (EoL)

Set Up SAML Logout

SAML Logout
The SAML provider is a third-party user authentication provider that helps to manage users. When you log in, the provider checks whether you are a valid user. If you are authenticated, the provider assigns you a session ID that is valid for a period of time. The next time you log in, you do not need a password, because the session from the previous login is still valid, even if you logged out of Cortex XSOAR. If you log out via SAML, the provider invalidates the session, and the next time you log in to the system you need to enter a password.
To set up SAML logout, you need to create a SAML integration with a public/private key pair. You can:
  • Use a self-signed certificate.
  • Purchase a certificate from a third-party authority.
  1. (Optional) To use a self-signed certificate:
    1. Create the public/private key pair by running the following command:
      openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt
      The following two files are created:
      • certificate.crt - Public key
      • privateKey.key - Private key (encrypted)
    2. For the Cortex XSOAR SAML integration, the private key needs to be unencrypted. Run the following command:
      openssl rsa -in privateKey.key -out private_unencrypted.key -outform PEM
      The following file is created:
      private_unencrypted.key - Private key (unencrypted)
  2. Go to Settings > Integrations > Servers & Services.
  3. Search for SAML 2.0.
  4. Click Add instance to configure a new integration.
  5. In the Service Provider Entity ID field, enter the Cortex XSOAR SAML address.
  6. Click the Sign request and verify response signature option.
  7. From your identity provider, copy the content of the public certificate file and paste it into the IdP public certificate field of the Cortex XSOAR SAML instance.
  8. Copy the content of your private_unencrypted.key file and paste it into the IdP private key field.
  9. In your identity provider application:
    1. Select the Enable Single Logout option (if applicable).
    2. In the Signature certificate field, upload the certificate.crt file.
    3. Copy the IdP Single Logout URL.
  10. In the IdP Single Logout URL field of the SAML instance, paste the IdP Single Logout URL that you copied in the previous step.
  11. In the Single Logout Service Endpoint field, type the Cortex XSOAR SAML logout address.
    https://<xsoarServer>.com<port>/saml-logout
  12. Click Done.
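
A pre-flight check for the key pair used in steps 1, 8 and 9, added here as an example and not taken from the Cortex XSOAR documentation: it generates the pair without prompts, then confirms that the key is not passphrase-protected, that it matches certificate.crt, and that the certificate is not about to expire. The function names, the -subj value and the 30-day threshold are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not vendor code): build the pair from step 1 without prompts,
# then check it before it is pasted into the SAML instance.

# Create certificate.crt, privateKey.key and private_unencrypted.key in $1.
# The subject CN is a constructed placeholder value.
make_saml_keypair() {
    dir=$1
    (
        umask 077  # new key files are readable by their owner only
        openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 \
            -subj "/CN=xsoar.example.test" \
            -keyout "$dir/privateKey.key" -out "$dir/certificate.crt" 2>/dev/null &&
        openssl rsa -in "$dir/privateKey.key" \
            -out "$dir/private_unencrypted.key" -outform PEM 2>/dev/null
    )
}

# Usage: check_saml_keypair CERT KEY [MIN_DAYS_LEFT]
# Prints one word and returns 0 only for "ok":
#   encrypted  - key is passphrase-protected, so the integration cannot use it
#   unreadable - key or certificate does not parse as PEM
#   mismatch   - certificate does not carry this key's public half
#   expiring   - certificate expires within MIN_DAYS_LEFT days (default 30)
check_saml_keypair() {
    cert=$1; key=$2; days=${3:-30}
    if grep -q ENCRYPTED "$key" 2>/dev/null; then echo encrypted; return 1; fi
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) ||
        { echo unreadable; return 1; }
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) ||
        { echo unreadable; return 1; }
    [ "$key_pub" = "$cert_pub" ] || { echo mismatch; return 1; }
    openssl x509 -in "$cert" -noout -checkend $((days * 86400)) >/dev/null 2>&1 ||
        { echo expiring; return 1; }
    echo ok
}

# Demonstration in a throwaway directory.
work=$(mktemp -d)
make_saml_keypair "$work" &&
    check_saml_keypair "$work/certificate.crt" "$work/private_unencrypted.key"
rm -rf "$work"
```

Because private_unencrypted.key has no passphrase, keep it out of shared directories and delete the working copy once it has been pasted into the instance.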
